Security Hardening

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: rpm4 — Multiple Vulnerabilities Related CVEs: CVE-2021-3521 CVE-2021-35938 CVE-2021-35939 Upstream summary: rpm project reports: Fix intermediate symlinks not verified (CVE-2021-35939). Fix subkey binding signatures not checked on PGP public keys […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: python — buffer overrun in repr() for unicode strings Related CVEs: CVE-2005-0089 CVE-2006-4980 Upstream summary: Benjamin C. Wiley Sittler reports: I discovered a [buffer overrun in repr() for unicode strings]. […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: kibana4 — XSS vulnerability Related CVEs: CVE-2015-8131 Upstream summary: Elastic reports: Fixes XSS vulnerability (CVE pending) – Thanks to Vladimir Ivanov for responsibly reporting. Table of contents Symptom & Impact […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: wheel — CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Related CVEs: CVE-2026-24049 Upstream summary: https://github.com/pypa/wheel/security/advisories/GHSA-8rrh-rw8j-w5fx reports: wheel is a command line tool for manipulating Python […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: php — multiple vulnerabilities Related CVEs: CVE-2015-8879 CVE-2016-5385 CVE-2016-5399 CVE-2016-6288 CVE-2016-6289 CVE-2016-6290 CVE-2016-6291 CVE-2016-6292  +4 more Upstream summary: PHP reports: Fixed bug #69975 (PHP segfaults when accessing nvarchar(max) defined columns) […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: ceph14 — HTTP header injection via CORS ExposeHeader tag Related CVEs: CVE-2020-10753 CVE-2020-1759 CVE-2020-1760 Upstream summary: Red Hat bugzilla reports: A flaw was found in the Red Hat Ceph Storage […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: freeciv — Denial of Service Vulnerabilities Related CVEs: CVE-2006-0047 CVE-2006-3913 Upstream summary: Secunia reports: Luigi Auriemma has reported a vulnerability in Freeciv, which can be exploited by malicious people to […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: End of Life Ports Upstream summary: These packages have reached End of Life status and/or have been removed from the Ports Tree. They may contain undocumented security issues. Please take […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-ansible — multiple vulnerabilities Related CVEs: CVE-2020-25635 CVE-2020-25636 CVE-2021-3532 Upstream summary: abeluck reports: A flaw was found in Ansible Base when using the aws_ssm connection plugin as garbage collector is […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: node, iojs, and v8 — denial of service Related CVEs: CVE-2015-5380 Upstream summary: node reports: This release of Node.js fixes a bug that triggers an out-of-band write in V8's utf-8 […]