| @@ -1,14 +1,14 @@ | | | @@ -1,14 +1,14 @@ |
1 | # $NetBSD: pkg-vulnerabilities,v 1.197 2024/05/15 08:18:54 wiz Exp $ | | 1 | # $NetBSD: pkg-vulnerabilities,v 1.198 2024/05/15 13:13:19 wiz Exp $ |
2 | # | | 2 | # |
3 | #FORMAT 1.0.0 | | 3 | #FORMAT 1.0.0 |
4 | # | | 4 | # |
5 | # Please read "Handling packages with security problems" in the pkgsrc | | 5 | # Please read "Handling packages with security problems" in the pkgsrc |
6 | # guide before editing this file. | | 6 | # guide before editing this file. |
7 | # | | 7 | # |
8 | # Note: NEVER remove entries from this file; this should document *all* | | 8 | # Note: NEVER remove entries from this file; this should document *all* |
9 | # known package vulnerabilities so it is entirely appropriate to have | | 9 | # known package vulnerabilities so it is entirely appropriate to have |
10 | # multiple entries in this file for a single package, and to contain | | 10 | # multiple entries in this file for a single package, and to contain |
11 | # entries for packages which have been removed from pkgsrc. | | 11 | # entries for packages which have been removed from pkgsrc. |
12 | # | | 12 | # |
13 | # New entries should be added at the end of this file. | | 13 | # New entries should be added at the end of this file. |
14 | # | | 14 | # |
| @@ -25995,13 +25995,14 @@ p5-Email-MIME<1.954 denial-of-service ht | | | @@ -25995,13 +25995,14 @@ p5-Email-MIME<1.954 denial-of-service ht |
25995 | uriparser<0.9.8 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-34402 | | 25995 | uriparser<0.9.8 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-34402 |
25996 | uriparser<0.9.8 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-34403 | | 25996 | uriparser<0.9.8 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-34403 |
25997 | tinyproxy<1.11.1nb2 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-49606 | | 25997 | tinyproxy<1.11.1nb2 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-49606 |
25998 | unbound<1.20.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33655 | | 25998 | unbound<1.20.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33655 |
25999 | phpldapadmin<1.2.6.7 cross-site-scripting https://github.com/leenooks/phpLDAPadmin/commit/d59cbfef5d8a78da55e4c1919862e9e3968b3715 | | 25999 | phpldapadmin<1.2.6.7 cross-site-scripting https://github.com/leenooks/phpLDAPadmin/commit/d59cbfef5d8a78da55e4c1919862e9e3968b3715 |
26000 | go121<1.21.10 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2024-24787 | | 26000 | go121<1.21.10 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2024-24787 |
26001 | go122<1.22.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2024-24787 | | 26001 | go122<1.22.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2024-24787 |
26002 | vim<9.1.0404 buffer-overflow https://github.com/vim/vim/commit/67797191e039196128c69 | | 26002 | vim<9.1.0404 buffer-overflow https://github.com/vim/vim/commit/67797191e039196128c69 |
26003 | git-base<2.45.1 execute-arbitrary-code https://nvd.nist.gov/vuln/detail/CVE-2024-32002 | | 26003 | git-base<2.45.1 execute-arbitrary-code https://nvd.nist.gov/vuln/detail/CVE-2024-32002 |
26004 | git-base<2.45.1 execute-arbitrary-code https://nvd.nist.gov/vuln/detail/CVE-2024-32004 | | 26004 | git-base<2.45.1 execute-arbitrary-code https://nvd.nist.gov/vuln/detail/CVE-2024-32004 |
26005 | git-base<2.45.1 insufficient-checks https://nvd.nist.gov/vuln/detail/CVE-2024-32020 | | 26005 | git-base<2.45.1 insufficient-checks https://nvd.nist.gov/vuln/detail/CVE-2024-32020 |
26006 | git-base<2.45.1 toctou https://nvd.nist.gov/vuln/detail/CVE-2024-32021 | | 26006 | git-base<2.45.1 toctou https://nvd.nist.gov/vuln/detail/CVE-2024-32021 |
26007 | git-base<2.45.1 execute-arbitrary-code https://nvd.nist.gov/vuln/detail/CVE-2024-32465 | | 26007 | git-base<2.45.1 execute-arbitrary-code https://nvd.nist.gov/vuln/detail/CVE-2024-32465 |
| | | 26008 | dino<0.4.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-28686 |