FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-18 11:12:36 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
fce7a6e7-bc5d-11ea-b38d-f0def1d0c3ea	coturn -- information leakage Felix DÃ¶rre reports: The issue is that STUN/TURN response buffer is not initialized properly. (CWE 665) This is a leak of information between different client connections. One client (an attacker) could use their connection to intelligently query coturn to get interesting bytes in the padding bytes from the connection of another client. Discovery 2020-06-30 Entry 2020-07-02 coturn < 4.5.1.3 https://github.com/coturn/coturn/commit/fdf7065d0f8e676feaf6734e86370f6dadfb8eec CVE-2020-4067

VuXML ID

Description

fce7a6e7-bc5d-11ea-b38d-f0def1d0c3ea

coturn -- information leakage

Felix DÃ¶rre reports:

The issue is that STUN/TURN response buffer is not initialized properly. (CWE 665) This is a leak of information between different client connections. One client (an attacker) could use their connection to intelligently query coturn to get interesting bytes in the padding bytes from the connection of another client.

Discovery 2020-06-30
Entry 2020-07-02
coturn

< 4.5.1.3

https://github.com/coturn/coturn/commit/fdf7065d0f8e676feaf6734e86370f6dadfb8eec
CVE-2020-4067