FreeBSD 13

FreeBSD 13 — zookeeper — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 13

FreeBSD 13 — zookeeper — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: apache — Apache ZooKeeper: Authorization bypass in SASL Quorum Peer Authentication Related CVEs: CVE-2017-5637 CVE-2023-44981 Upstream summary: [email protected] reports: Authorization Bypass Through User-Controlled Key vulnerability in Apache ZooKeeper. If SASL […]

Read more
FreeBSD 13 — py35-yaml — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 13

FreeBSD 13 — py35-yaml — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-yaml — FullLoader (still) exploitable for arbitrary command execution Related CVEs: CVE-2017-18342 CVE-2020-1747 Upstream summary: Riccardo Schirone (https://github.com/ret2libc) reports: In FullLoader python/object/new constructor, implemented by construct_python_object_apply, has support for setting […]

Read more
FreeBSD 13 — mpd — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 13

FreeBSD 13 — mpd — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: MPD5 PPPoE Server remotely exploitable crash Related CVEs: CVE-2020-7465 CVE-2020-7466 Upstream summary: Version 5.9_2 contains security fix for PPPoE servers. Insufficient validation of incoming PPPoE Discovery request specially crafted by […]

Read more
FreeBSD 13 — py36-ansible-core — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 13

FreeBSD 13 — py36-ansible-core — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: Ansible — Ansible user credentials disclosure in ansible-connection module Related CVEs: CVE-2021-3583 CVE-2021-3620 Upstream summary: Red Hat reports: A flaw was found in Ansible Engine's ansible-connection module, where sensitive information […]

Read more
FreeBSD 13 — php56-soap — multiple vulnerabilities (8 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 13

FreeBSD 13 — php56-soap — multiple vulnerabilities (8 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: php — multiple vulnerabilities Related CVEs: CVE-2015-6831 CVE-2015-6832 CVE-2015-6833 CVE-2015-6834 CVE-2015-6835 CVE-2015-6836 CVE-2015-6837 CVE-2015-6838 Upstream summary: PHP reports: Core: Fixed bug #70755 (fpm_log.c memory leak and buffer overflow). GD: Fixed […]

Read more
FreeBSD 13 — py39-cryptography — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 13

FreeBSD 13 — py39-cryptography — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-cryptography — includes a vulnerable copy of OpenSSL Related CVEs: CVE-2023-0286 CVE-2023-23931 Upstream summary: pyca/cryptography's wheels include a statically linked copy of OpenSSL. The versions of OpenSSL included in cryptography […]

Read more
FreeBSD 13 — libcaca — multiple vulnerabilities (8 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 13

FreeBSD 13 — libcaca — multiple vulnerabilities (8 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: libcaca — Multiple vulnerabilities Related CVEs: CVE-2018-20545 CVE-2018-20546 CVE-2018-20547 CVE-2018-20548 CVE-2018-20549 CVE-2021-30498 CVE-2021-30499 CVE-2021-3410 Upstream summary: Sam Hocevar reports: Multiple memory leaks and invalid memory accesses: CVE-2018-20545: Illegal WRITE memory […]

Read more
FreeBSD 13 — nghttp — multiple vulnerabilities (7 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 13

FreeBSD 13 — nghttp — multiple vulnerabilities (7 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: nghttp2 — CWE-617: Reachable Assertion Related CVEs: CVE-2015-8659 CVE-2016-1544 CVE-2018-1000168 CVE-2019-9511 CVE-2019-9513 CVE-2020-11080 CVE-2026-27135 Upstream summary: https://github.com/nghttp2/nghttp2/security/advisories/GHSA-6933-cjhr-5qg6 reports: nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in […]

Read more
CHAT