FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-28 14:09:37 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
f353525a-d8b8-11e6-a071-001e67f15f5alshell -- Multiple security issues

lshell reports:

It is possible to escape lshell if an allowed command can execute an arbitrary non allowed one (issue #122).

Inappropriate parsing of commands can lead to arbitrary command execution (issue #147, #149, #151).


Discovery 2016-02-04
Entry 2018-07-27
lshell
le 0.9.18

https://github.com/ghantoos/lshell/issues/122
https://github.com/ghantoos/lshell/issues/147
https://github.com/ghantoos/lshell/issues/149
https://github.com/ghantoos/lshell/issues/151
07d04eef-d8e2-11e6-a071-001e67f15f5alshell -- Shell autocomplete reveals forbidden directories

lshell reports:

The autocomplete feature allows users to list directories, while they do not have access to those paths (issue #109).


Discovery 2015-07-25
Entry 2018-07-27
lshell
< 0.9.18

https://github.com/ghantoos/lshell/issues/109