FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

nothing found there

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
efd03116-c2a9-11ea-82bc-b42e99a1b9c3webkit2-gtk3 -- multible vulnerabilities

The WebKitGTK project reports vulnerabilities:

  • CVE-2020-9802: Processing maliciously crafted web content may lead to arbitrary code execution.
  • CVE-2020-9803: Processing maliciously crafted web content may lead to arbitrary code execution.
  • CVE-2020-9805: Processing maliciously crafted web content may lead to universal cross site scripting.
  • CVE-2020-9806: Processing maliciously crafted web content may lead to arbitrary code execution.
  • CVE-2020-9807: Processing maliciously crafted web content may lead to arbitrary code execution.
  • CVE-2020-9843: Processing maliciously crafted web content may lead to a cross site scripting attack.
  • CVE-2020-9850: A remote attacker may be able to cause arbitrary code execution.
  • CVE-2020-13753: CLONE_NEWUSER could potentially be used to confuse xdg- desktop-portal, which allows access outside the sandbox. TIOCSTI can be used to directly execute commands outside the sandbox by writing to the controlling terminal’s input buffer.

Discovery 2020-07-10
Entry 2020-07-10
webkit2-gtk3
lt 2.28.3

https://webkitgtk.org/security/WSA-2020-0006.html
CVE-2020-9802
CVE-2020-9803
CVE-2020-9805
CVE-2020-9806
CVE-2020-9807
CVE-2020-9843
CVE-2020-9850
CVE-2020-13753