FreeBSD 13

FreeBSD 13 — py35-buildbot — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 13

FreeBSD 13 — py35-buildbot — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: buildbot — OAuth Authentication Vulnerability Related CVEs: CVE-2019-12300 CVE-2019-7313 Upstream summary: Buildbot accepted user-submitted authorization token from OAuth and used it to authenticate user. The vulnerability can lead to malicious […]

Read more
FreeBSD 13 — graylog — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 13

FreeBSD 13 — graylog — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: graylog — remote code execution in log4j from user-controlled log input Related CVEs: CVE-2021-44228 CVE-2021-45046 Upstream summary: Apache Software Foundation reports: It was found that the fix to address CVE-2021-44228 […]

Read more
FreeBSD 13 — gzip — multiple vulnerabilities (8 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 13

FreeBSD 13 — gzip — multiple vulnerabilities (8 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: zgrep — arbitrary file write Related CVEs: CVE-2005-0988 CVE-2005-1228 CVE-2006-4334 CVE-2006-4335 CVE-2006-4336 CVE-2006-4337 CVE-2006-4338 CVE-2022-1271 Upstream summary: RedHat reports: An arbitrary file write vulnerability was found in GNU gzip's zgrep […]

Read more
FreeBSD 13 — py311-wagtail — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 13

FreeBSD 13 — py311-wagtail — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-wagtail — stored XSS vulnerability Related CVEs: CVE-2023-28836 CVE-2023-28837 Upstream summary: A stored cross-site scripting (XSS) vulnerability exists on ModelAdmin views within the Wagtail admin interface. A user with a […]

Read more
FreeBSD 13 — py38-cryptography — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 13

FreeBSD 13 — py38-cryptography — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-cryptography — includes a vulnerable copy of OpenSSL Related CVEs: CVE-2023-0286 CVE-2023-23931 Upstream summary: pyca/cryptography's wheels include a statically linked copy of OpenSSL. The versions of OpenSSL included in cryptography […]

Read more
FreeBSD 13 — linux-c7-libtiff — multiple vulnerabilities (8 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 13

FreeBSD 13 — linux-c7-libtiff — multiple vulnerabilities (8 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: tiff — multiple vulnerabilities Related CVEs: CVE-2015-8870 CVE-2016-5652 CVE-2016-9533 CVE-2016-9534 CVE-2016-9535 CVE-2016-9536 CVE-2016-9537 CVE-2016-9540 Upstream summary: libtiff project reports: Multiple flaws have been discovered in libtiff library and utilities. Table […]

Read more
FreeBSD 13 — proftpd-mysql — multiple vulnerabilities (7 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 13

FreeBSD 13 — proftpd-mysql — multiple vulnerabilities (7 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: proftpd — arbitrary code execution vulnerability with chroot Related CVEs: CVE-2005-2390 CVE-2006-5815 CVE-2006-6170 CVE-2008-4242 CVE-2008-4247 CVE-2009-0542 CVE-2009-0543 Upstream summary: The FreeBSD security advisory FreeBSD-SA-11:07.chroot reports: If ftpd is configured to […]

Read more
FreeBSD 13 — py310-Jinja — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 13

FreeBSD 13 — py310-Jinja — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: Jinja2 — Sandbox breakout through attr filter selecting format method Related CVEs: CVE-2024-34064 CVE-2025-27516 Upstream summary: [email protected] reports: Jinja is an extensible templating engine. Prior to 3.1.6, an oversight in […]

Read more
FreeBSD 13 — ruby24-gems — multiple vulnerabilities (7 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 13

FreeBSD 13 — ruby24-gems — multiple vulnerabilities (7 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: RubyGems — multiple vulnerabilities Related CVEs: CVE-2017-0903 CVE-2019-8320 CVE-2019-8321 CVE-2019-8322 CVE-2019-8323 CVE-2019-8324 CVE-2019-8325 Upstream summary: RubyGems Security Advisories: CVE-2019-8320: Delete directory using symlink when decompressing tar CVE-2019-8321: Escape sequence injection […]

Read more
FreeBSD 13 — lesstif — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 13

FreeBSD 13 — lesstif — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: xpm — image decoding vulnerabilities Related CVEs: CVE-2004-0687 CVE-2004-0688 Upstream summary: Chris Evans discovered several vulnerabilities in the libXpm image decoder: A stack-based buffer overflow in xpmParseColors An integer overflow […]

Read more
CHAT