FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

nothing found there

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
fce7a6e7-bc5d-11ea-b38d-f0def1d0c3ea	coturn -- information leakage Felix DÃ¶rre reports: The issue is that STUN/TURN response buffer is not initialized properly. (CWE 665) This is a leak of information between different client connections. One client (an attacker) could use their connection to intelligently query coturn to get interesting bytes in the padding bytes from the connection of another client. Discovery 2020-06-30 Entry 2020-07-02 coturn lt 4.5.1.3 https://github.com/coturn/coturn/commit/fdf7065d0f8e676feaf6734e86370f6dadfb8eec CVE-2020-4067

VuXML ID

Description

fce7a6e7-bc5d-11ea-b38d-f0def1d0c3ea

coturn -- information leakage

Felix DÃ¶rre reports:

The issue is that STUN/TURN response buffer is not initialized properly. (CWE 665) This is a leak of information between different client connections. One client (an attacker) could use their connection to intelligently query coturn to get interesting bytes in the padding bytes from the connection of another client.

Discovery 2020-06-30
Entry 2020-07-02
coturn

lt 4.5.1.3

https://github.com/coturn/coturn/commit/fdf7065d0f8e676feaf6734e86370f6dadfb8eec
CVE-2020-4067