FreeBSD

FreeBSD 13 — py27-yaml — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 13

FreeBSD 13 — py27-yaml — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-yaml — FullLoader (still) exploitable for arbitrary command execution Related CVEs: CVE-2017-18342 CVE-2020-1747 Upstream summary: Riccardo Schirone (https://github.com/ret2libc) reports: In FullLoader python/object/new constructor, implemented by construct_python_object_apply, has support for setting […]

Read more
FreeBSD 12 — percona57-client — multiple vulnerabilities (5 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 12

FreeBSD 12 — percona57-client — multiple vulnerabilities (5 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: MySQL Client — Multiple vulerabilities Related CVEs: CVE-2020-2752 CVE-2020-2875 CVE-2020-2922 CVE-2020-2933 CVE-2020-2934 Upstream summary: Oracle reports: This Critical Patch Update contains 45 new security patches for Oracle MySQL. 9 of […]

Read more
FreeBSD 13 — py35-yaml — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 13

FreeBSD 13 — py35-yaml — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-yaml — FullLoader (still) exploitable for arbitrary command execution Related CVEs: CVE-2017-18342 CVE-2020-1747 Upstream summary: Riccardo Schirone (https://github.com/ret2libc) reports: In FullLoader python/object/new constructor, implemented by construct_python_object_apply, has support for setting […]

Read more
FreeBSD 14 — automake — vulnerability — patch and remediation guide — diagnosis and fix on FreeBSD 14

FreeBSD 14 — automake — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: automake — Insecure 'distcheck' recipe granted world-writable distdir Related CVEs: CVE-2012-3386 Upstream summary: GNU reports: The recipe of the 'distcheck' target granted temporary world-write permissions on the extracted distdir. This […]

Read more
FreeBSD 14 — postgresql93-client — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 14

FreeBSD 14 — postgresql93-client — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: PostgreSQL vulnerabilities Related CVEs: CVE-2016-5423 CVE-2016-5424 Upstream summary: The PostgreSQL project reports: Security Fixes nested CASE expressions + database and role names with embedded special characters CVE-2017-7484: selectivity estimators bypass […]

Read more
FreeBSD 14 — py38-aiohttp — vulnerability — patch and remediation guide — diagnosis and fix on FreeBSD 14

FreeBSD 14 — py38-aiohttp — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: aiohttp — open redirect vulnerability Related CVEs: CVE-2021-21330 Upstream summary: Sviatoslav Sydorenko reports: Open redirect vulnerability — a maliciously crafted link to an aiohttp-based web-server could redirect the browser to […]

Read more
FreeBSD 14 — wu-ftpd — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 14

FreeBSD 14 — wu-ftpd — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: wu-ftpd — remote globbing DoS vulnerability Related CVEs: CVE-2004-0148 CVE-2005-0256 Upstream summary: An iDEFENSE Security Advisory reports: Remote exploitation of an input validation vulnerability in version 2.6.2 of WU-FPTD could […]

Read more
FreeBSD 13 — vault — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 13

FreeBSD 13 — vault — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: vault — unauthenticated license read Related CVEs: CVE-2020-35177 CVE-2021-27668 Upstream summary: vault developers report: Limited Unauthenticated License Read: We addressed a security vulnerability that allowed for the unauthenticated reading of […]

Read more
FreeBSD 12 — haproxy — multiple vulnerabilities (4 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 12

FreeBSD 12 — haproxy — multiple vulnerabilities (4 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: HAproxy — serious vulnerability affecting the HPACK decoder used for HTTP/2 Related CVEs: CVE-2012-2391 CVE-2015-3281 CVE-2016-5360 CVE-2020-11100 Upstream summary: The HAproxy Project reports: The main driver for this release is […]

Read more
FreeBSD 14 — py39-yaml — vulnerability — patch and remediation guide — diagnosis and fix on FreeBSD 14

FreeBSD 14 — py39-yaml — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: PyYAML — arbitrary code execution Related CVEs: CVE-2020-14343 Upstream summary: A vulnerability was discovered in the PyYAML library in versions before 5.4, where it is susceptible to arbitrary code execution […]

Read more
CHAT