FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

nothing found there

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
cc1fd3da-b8fd-4f4d-a092-c38541c0f993vault -- User Enumeration via LDAP auth

Vault developers report:

Vault allowed enumeration of users via the LDAP auth method. This vulnerability, was fixed in Vault 1.6.1 and 1.5.6.

An external party reported that they were able to enumerate LDAP users via error messages returned by Vault’s LDAP auth method


Discovery 2020-12-16
Entry 2020-12-17
vault
lt 1.6.1

CVE-2020-35177
https://discuss.hashicorp.com/t/hcsec-2020-25-vault-s-ldap-auth-method-allows-user-enumeration/18984