FreeBSD 14

FreeBSD 14 — prometheus — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 14

FreeBSD 14 — prometheus — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: prometheus2 — basic authentication bypass Related CVEs: CVE-2021-29622 CVE-2022-46146 Upstream summary: Prometheus team reports: Prometheus and its exporters can be secured by a web.yml file that specifies usernames and hashed […]

Read more
FreeBSD 14 — rubygem-ruby-saml — vulnerability — patch and remediation guide — diagnosis and fix on FreeBSD 14

FreeBSD 14 — rubygem-ruby-saml — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: ruby-saml — XML signature wrapping attack Related CVEs: CVE-2016-5697 Upstream summary: RubySec reports: ruby-saml prior to version 1.3.0 is vulnerable to an XML signature wrapping attack in the specific scenario […]

Read more
FreeBSD 14 — php56-xml — vulnerability — patch and remediation guide — diagnosis and fix on FreeBSD 14

FreeBSD 14 — php56-xml — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: php — multiple vulnerabilities Related CVEs: CVE-2016-3074 Upstream summary: The PHP Group reports: BCMath: Fixed bug #72093 (bcpowmod accepts negative scale and corrupts _one_ definition). Exif: Fixed bug #72094 (Out […]

Read more
FreeBSD 14 — py39-tflite — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 14

FreeBSD 14 — py39-tflite — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-tflite — buffer overflow vulnerability Related CVEs: CVE-2021-37689 CVE-2022-41894 Upstream summary: Thibaut Goetghebuer-Planchon reports: The reference kernel of the CONV_3D_TRANSPOSE TensorFlow Lite operator wrongly increments the data_ptr when adding the […]

Read more
FreeBSD 14 — py33-rsa — vulnerability — patch and remediation guide — diagnosis and fix on FreeBSD 14

FreeBSD 14 — py33-rsa — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-rsa — Bleichenbacher'06 signature forgery vulnerability Related CVEs: CVE-2016-1494 Upstream summary: Filippo Valsorda reports: python-rsa is vulnerable to a straightforward variant of the Bleichenbacher'06 attack against RSA signature verification with […]

Read more
FreeBSD 14 — liboqs — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 14

FreeBSD 14 — liboqs — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: liboqs — Secret-dependent branching in HQC Related CVEs: CVE-2024-54137 CVE-2025-52473 Upstream summary: The OpenQuantumSafe project reports: Secret-dependent branching in HQC reference implementation when compiled with Clang 17-20 for optimizations above […]

Read more
FreeBSD 14 — py311-Jinja — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 14

FreeBSD 14 — py311-Jinja — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: Jinja2 — Sandbox breakout through attr filter selecting format method Related CVEs: CVE-2024-34064 CVE-2025-27516 Upstream summary: [email protected] reports: Jinja is an extensible templating engine. Prior to 3.1.6, an oversight in […]

Read more
FreeBSD 14 — py35-borgbackup — vulnerability — patch and remediation guide — diagnosis and fix on FreeBSD 14

FreeBSD 14 — py35-borgbackup — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: borgbackup — remote users can override repository restrictions Related CVEs: CVE-2017-15914 Upstream summary: BorgBackup reports: Incorrect implementation of access controls allows remote users to override repository restrictions in Borg servers. […]

Read more
FreeBSD 14 — zh-cle_base — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 14

FreeBSD 14 — zh-cle_base — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: xpm — image decoding vulnerabilities Related CVEs: CVE-2004-0687 CVE-2004-0688 Upstream summary: Chris Evans discovered several vulnerabilities in the libXpm image decoder: A stack-based buffer overflow in xpmParseColors An integer overflow […]

Read more
FreeBSD 14 — zabbix32-proxy — vulnerability — patch and remediation guide — diagnosis and fix on FreeBSD 14

FreeBSD 14 — zabbix32-proxy — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: Zabbix — Remote code execution Related CVEs: CVE-2017-2824 Upstream summary: mitre reports: An exploitable code execution vulnerability exists in the trapper command functionality of Zabbix Server 2.4.X. A specially crafted […]

Read more
CHAT