Diffstat (limited to 'security')
-rw-r--r--security/aws-lc/Makefile2
-rw-r--r--security/aws-lc/distinfo6
-rw-r--r--security/boringssl/Makefile4
-rw-r--r--security/boringssl/distinfo6
-rw-r--r--security/netbird/Makefile10
-rw-r--r--security/netbird/distinfo10
-rw-r--r--security/netbird/files/netbird.in28
-rw-r--r--security/nuclei/Makefile2
-rw-r--r--security/nuclei/distinfo10
-rw-r--r--security/py-certifi/Makefile4
-rw-r--r--security/py-certifi/distinfo6
-rw-r--r--security/py-webauthn/Makefile4
-rw-r--r--security/py-webauthn/distinfo6
-rw-r--r--security/py-webauthn/files/patch-pyproject.toml12
-rw-r--r--security/rubygem-rasn1/Makefile2
-rw-r--r--security/rubygem-rasn1/distinfo6
-rw-r--r--security/vuxml/vuln/2025.xml232
17 files changed, 308 insertions, 42 deletions
diff --git a/security/aws-lc/Makefile b/security/aws-lc/Makefile
index e72557e40eea..0bafd001dc8c 100644
--- a/security/aws-lc/Makefile
+++ b/security/aws-lc/Makefile
@@ -1,5 +1,5 @@
PORTNAME= aws-lc
-PORTVERSION= 1.52.1
+PORTVERSION= 1.53.0
DISTVERSIONPREFIX= v
CATEGORIES= security
diff --git a/security/aws-lc/distinfo b/security/aws-lc/distinfo
index 489abb390a58..48a0cd1e409f 100644
--- a/security/aws-lc/distinfo
+++ b/security/aws-lc/distinfo
@@ -1,3 +1,3 @@
-TIMESTAMP = 1748831216
-SHA256 (aws-aws-lc-v1.52.1_GH0.tar.gz) = fe552e3c3522f73afc3c30011745c431c633f7b4e25dcd7b38325f194a7b3b75
-SIZE (aws-aws-lc-v1.52.1_GH0.tar.gz) = 126954534
+TIMESTAMP = 1750188014
+SHA256 (aws-aws-lc-v1.53.0_GH0.tar.gz) = b7c3a456df40c0d19621848e8c7b70c1fa333f9e8f5aa72755890fb50c9963de
+SIZE (aws-aws-lc-v1.53.0_GH0.tar.gz) = 126984389
diff --git a/security/boringssl/Makefile b/security/boringssl/Makefile
index 27f7c73d1a2a..d72689f75660 100644
--- a/security/boringssl/Makefile
+++ b/security/boringssl/Makefile
@@ -1,5 +1,5 @@
PORTNAME= boringssl
-PORTVERSION= 0.0.0.0.2025.06.05.01
+PORTVERSION= 0.0.0.0.2025.06.25.01
CATEGORIES= security
EXTRACT_ONLY= ${GH_ACCOUNT}-${PORTNAME}-${PORTVERSION}-${GH_TAGNAME}_GH0.tar.gz
@@ -19,7 +19,7 @@ CPE_VENDOR= google
USE_GITHUB= yes
GH_ACCOUNT= google
-GH_TAGNAME= 5622da9
+GH_TAGNAME= 78b48c1
CMAKE_ARGS+= -DBUILD_SHARED_LIBS=1
CFLAGS_i386= -msse2
diff --git a/security/boringssl/distinfo b/security/boringssl/distinfo
index c05036202f73..64e40c2a4f5f 100644
--- a/security/boringssl/distinfo
+++ b/security/boringssl/distinfo
@@ -1,4 +1,4 @@
-TIMESTAMP = 1749831968
+TIMESTAMP = 1750950234
SHA256 (filippo.io/edwards25519/@v/v1.1.0.zip) = 9ac43a686d06fdebd719f7af3866c87eb069302272dfb131007adf471c308b65
SIZE (filippo.io/edwards25519/@v/v1.1.0.zip) = 55809
SHA256 (filippo.io/edwards25519/@v/v1.1.0.mod) = 099556fc4d7e6f5cb135efdd8b6bb4c0932e38ea058c53fc5fa5ce285572fb61
@@ -11,5 +11,5 @@ SHA256 (golang.org/x/sys/@v/v0.32.0.zip) = 85d47075d21fd7ef35d9a47fc73f2356fb3cd
SIZE (golang.org/x/sys/@v/v0.32.0.zip) = 1991164
SHA256 (golang.org/x/sys/@v/v0.32.0.mod) = f67e3e18f4c08e60a7e80726ab36b691fdcea5b81ae1c696ff64caf518bcfe3d
SIZE (golang.org/x/sys/@v/v0.32.0.mod) = 35
-SHA256 (google-boringssl-0.0.0.0.2025.06.05.01-5622da9_GH0.tar.gz) = ae4f97f3adf33f578fc58bfa946e74f16cd1afec4bd213cc53d77c87be027c72
-SIZE (google-boringssl-0.0.0.0.2025.06.05.01-5622da9_GH0.tar.gz) = 46161255
+SHA256 (google-boringssl-0.0.0.0.2025.06.25.01-78b48c1_GH0.tar.gz) = 2cfaa5f01ecedb7d662d7b01cac6f2f5f873a52f694a44af69de9b8efcdb6e90
+SIZE (google-boringssl-0.0.0.0.2025.06.25.01-78b48c1_GH0.tar.gz) = 46168678
diff --git a/security/netbird/Makefile b/security/netbird/Makefile
index c5ddbbccf8b7..4c189fbd0f94 100644
--- a/security/netbird/Makefile
+++ b/security/netbird/Makefile
@@ -1,6 +1,6 @@
PORTNAME= netbird
DISTVERSIONPREFIX= v
-DISTVERSION= 0.47.2
+DISTVERSION= 0.49.0
CATEGORIES= security net net-vpn
MAINTAINER= hakan.external@netbird.io
@@ -16,15 +16,15 @@ NOT_FOR_ARCHS_REASON= "no 32-bit builds supported"
RUN_DEPENDS= ca_root_nss>0:security/ca_root_nss
USES= go:modules
-USE_RC_SUBR= netbird
+USE_RC_SUBR= ${PORTNAME}
GO_MODULE= github.com/netbirdio/netbird
-GO_TARGET= ./client:netbird
+GO_TARGET= ./client:${PORTNAME}
GO_BUILDFLAGS= -tags freebsd -o ${PORTNAME} -ldflags \
"-s -w -X github.com/netbirdio/netbird/version.version=${DISTVERSION}"
-WRKSRC= ${WRKDIR}/netbird-${DISTVERSION}
+WRKSRC= ${WRKDIR}/${PORTNAME}-${DISTVERSION}
-PLIST_FILES= bin/netbird
+PLIST_FILES= bin/${PORTNAME}
.include <bsd.port.mk>
diff --git a/security/netbird/distinfo b/security/netbird/distinfo
index 76ba6e320c5e..0806cc6f24f0 100644
--- a/security/netbird/distinfo
+++ b/security/netbird/distinfo
@@ -1,5 +1,5 @@
-TIMESTAMP = 1749687672
-SHA256 (go/security_netbird/netbird-v0.47.2/v0.47.2.mod) = dd8e2b5f3ee570d2ef933101c6fb7bc5de05dae258f0c7ea7602e8db42238acb
-SIZE (go/security_netbird/netbird-v0.47.2/v0.47.2.mod) = 12507
-SHA256 (go/security_netbird/netbird-v0.47.2/v0.47.2.zip) = 8671becd05ff5437daa98b34e76819cd0908c1a040f49a369c9e26ed8cc64831
-SIZE (go/security_netbird/netbird-v0.47.2/v0.47.2.zip) = 2917482
+TIMESTAMP = 1750840361
+SHA256 (go/security_netbird/netbird-v0.49.0/v0.49.0.mod) = dd8e2b5f3ee570d2ef933101c6fb7bc5de05dae258f0c7ea7602e8db42238acb
+SIZE (go/security_netbird/netbird-v0.49.0/v0.49.0.mod) = 12507
+SHA256 (go/security_netbird/netbird-v0.49.0/v0.49.0.zip) = c1aa8b8749cdb1a471425ce5aac7d90e318e6f6280f51a8b72ca18ad241f7bfb
+SIZE (go/security_netbird/netbird-v0.49.0/v0.49.0.zip) = 2921705
diff --git a/security/netbird/files/netbird.in b/security/netbird/files/netbird.in
index a05f7f099ee0..ddd19f27cd52 100644
--- a/security/netbird/files/netbird.in
+++ b/security/netbird/files/netbird.in
@@ -16,8 +16,8 @@
# Default: 'info'
# netbird_logfile (path): Path to the client log file.
# Default: /var/log/netbird/client.log
-# netbird_env (str): Extra environment variables for the daemon, in KEY=VALUE format.
-# Default: 'IS_DAEMON=1'
+# netbird_tun_dev (str): Name of the TUN device used by Netbird for its VPN tunnel.
+# Default: wt0
#
. /etc/rc.subr
@@ -32,11 +32,33 @@ load_rc_config "$name"
: ${netbird_socket:="/var/run/netbird.sock"}
: ${netbird_loglevel:="info"}
: ${netbird_logfile:="/var/log/netbird/client.log"}
-: ${netbird_env:="IS_DAEMON=1"}
+: ${netbird_tun_dev:="wt0"}
pidfile="/var/run/${name}.pid"
command="/usr/sbin/daemon"
daemon_args="-P ${pidfile} -r -t \"${name}: daemon\""
command_args="${daemon_args} %%PREFIX%%/bin/netbird service run --config ${netbird_config} --log-level ${netbird_loglevel} --daemon-addr unix://${netbird_socket} --log-file ${netbird_logfile}"
+start_precmd="${name}_start_precmd"
+stop_postcmd="${name}_stop_postcmd"
+
+netbird_start_precmd() {
+ logger -s -t netbird "Starting ${name}."
+ # Check for orphaned netbird tunnel interface
+ # And if it exists, then destroy it
+ if /sbin/ifconfig ${netbird_tun_dev} >/dev/null 2>&1; then
+ if ! /sbin/ifconfig ${netbird_tun_dev} | fgrep -qw PID; then
+ logger -s -t netbird "Found orphaned tunnel interface ${netbird_tun_dev}, destroying"
+ /sbin/ifconfig ${netbird_tun_dev} destroy
+ fi
+ fi
+}
+
+netbird_stop_postcmd() {
+ if /sbin/ifconfig ${netbird_tun_dev} >/dev/null 2>&1; then
+ logger -s -t netbird "Destroying tunnel interface ${netbird_tun_dev}"
+ /sbin/ifconfig ${netbird_tun_dev} destroy || \
+ logger -s -t netbird "Failed to destroy interface ${netbird_tun_dev}"
+ fi
+}
run_rc_command "$1"
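Review bot: Dropping `netbird_env` (the removed `: ${netbird_env:="IS_DAEMON=1"}` default) silently ignores any `netbird_env=` a user already has in rc.conf, and nothing in the visible script replaces the `IS_DAEMON=1` default; a line such as `[ -n "${netbird_env}" ] && warn "netbird_env is no longer honoured by this rc script"` after the defaults would make the removal visible to operators. In `netbird_start_precmd` the orphan test hinges on ifconfig printing an `Opened by PID` line for a tun(4) that a live process holds, which is worth stating, e.g. `# tun(4) prints "Opened by PID <n>" while a process holds it; no PID line means nothing owns the device`, and `fgrep` should become `grep -F`. Both functions pass `${netbird_tun_dev}` to `ifconfig ... destroy` unquoted and without confirming it is a tun interface, so a mistyped rc.conf value could destroy an unrelated interface; quoting it and only destroying when the ifconfig output carries a `groups:` line containing `tun` (to be confirmed against the installed ifconfig) would be safer. The first hunk of this file only changes comments, and the rest of the script lies outside the hunks.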
diff --git a/security/nuclei/Makefile b/security/nuclei/Makefile
index 3a2828d806b2..bf4fd87882ba 100644
--- a/security/nuclei/Makefile
+++ b/security/nuclei/Makefile
@@ -1,6 +1,6 @@
PORTNAME= nuclei
DISTVERSIONPREFIX= v
-DISTVERSION= 3.4.4
+DISTVERSION= 3.4.5
CATEGORIES= security
MAINTAINER= dutra@FreeBSD.org
diff --git a/security/nuclei/distinfo b/security/nuclei/distinfo
index a4c3ceade456..e4cf46444ae0 100644
--- a/security/nuclei/distinfo
+++ b/security/nuclei/distinfo
@@ -1,5 +1,5 @@
-TIMESTAMP = 1749429917
-SHA256 (go/security_nuclei/nuclei-v3.4.4/v3.4.4.mod) = 9e805e04dec4da32e582d774928290dd9b337ec1fd9fe49b5a38dc4f2d8fa9f3
-SIZE (go/security_nuclei/nuclei-v3.4.4/v3.4.4.mod) = 17916
-SHA256 (go/security_nuclei/nuclei-v3.4.4/v3.4.4.zip) = c574a8583455d3faaa9e50d87d24a2b8b283f22fecc796e2a58478c7525dddbd
-SIZE (go/security_nuclei/nuclei-v3.4.4/v3.4.4.zip) = 12381056
+TIMESTAMP = 1750899492
+SHA256 (go/security_nuclei/nuclei-v3.4.5/v3.4.5.mod) = 5afbb1c8d97f83b0d2b11bd9bf677f5b88043b95241def65c6cdf11d290bbdbe
+SIZE (go/security_nuclei/nuclei-v3.4.5/v3.4.5.mod) = 17916
+SHA256 (go/security_nuclei/nuclei-v3.4.5/v3.4.5.zip) = d88771513264794e0f2acb6c03682492363addc36b92c80330fb25ff747462ac
+SIZE (go/security_nuclei/nuclei-v3.4.5/v3.4.5.zip) = 12383461
diff --git a/security/py-certifi/Makefile b/security/py-certifi/Makefile
index c1a72415dd68..b4ae106315be 100644
--- a/security/py-certifi/Makefile
+++ b/security/py-certifi/Makefile
@@ -1,5 +1,5 @@
PORTNAME= certifi
-PORTVERSION= 2025.4.26
+PORTVERSION= 2025.6.15
CATEGORIES= security python
MASTER_SITES= PYPI
PKGNAMEPREFIX= ${PYTHON_PKGNAMEPREFIX}
@@ -10,7 +10,7 @@ WWW= https://github.com/certifi/python-certifi
LICENSE= MPL20
-BUILD_DEPENDS= ${PYTHON_PKGNAMEPREFIX}setuptools>=0:devel/py-setuptools@${PY_FLAVOR} \
+BUILD_DEPENDS= ${PYTHON_PKGNAMEPREFIX}setuptools>=42.0.0:devel/py-setuptools@${PY_FLAVOR} \
${PYTHON_PKGNAMEPREFIX}wheel>=0:devel/py-wheel@${PY_FLAVOR}
USES= python
diff --git a/security/py-certifi/distinfo b/security/py-certifi/distinfo
index 7bdf8d62e8ce..fe596debd52b 100644
--- a/security/py-certifi/distinfo
+++ b/security/py-certifi/distinfo
@@ -1,3 +1,3 @@
-TIMESTAMP = 1745936214
-SHA256 (certifi-2025.4.26.tar.gz) = 0a816057ea3cdefcef70270d2c515e4506bbc954f417fa5ade2021213bb8f0c6
-SIZE (certifi-2025.4.26.tar.gz) = 160705
+TIMESTAMP = 1750188134
+SHA256 (certifi-2025.6.15.tar.gz) = d747aa5a8b9bbbb1bb8c22bb13e22bd1f18e9796defa16bab421f7f7a317323b
+SIZE (certifi-2025.6.15.tar.gz) = 158753
diff --git a/security/py-webauthn/Makefile b/security/py-webauthn/Makefile
index 2c97531fd969..0224d6c5af41 100644
--- a/security/py-webauthn/Makefile
+++ b/security/py-webauthn/Makefile
@@ -1,5 +1,5 @@
PORTNAME= webauthn
-PORTVERSION= 2.5.2
+PORTVERSION= 2.6.0
CATEGORIES= security python
MASTER_SITES= PYPI
PKGNAMEPREFIX= ${PYTHON_PKGNAMEPREFIX}
@@ -12,7 +12,7 @@ WWW= https://duo-labs.github.io/py_webauthn/ \
LICENSE= BSD3CLAUSE
LICENSE_FILE= ${WRKSRC}/LICENSE
-BUILD_DEPENDS= ${PYTHON_PKGNAMEPREFIX}setuptools>=0:devel/py-setuptools@${PY_FLAVOR} \
+BUILD_DEPENDS= ${PYTHON_PKGNAMEPREFIX}setuptools>=61.0:devel/py-setuptools@${PY_FLAVOR} \
${PYTHON_PKGNAMEPREFIX}wheel>=0:devel/py-wheel@${PY_FLAVOR}
RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}asn1crypto>=1.5.1:devel/py-asn1crypto@${PY_FLAVOR} \
${PYTHON_PKGNAMEPREFIX}cbor2>=5.6.5:devel/py-cbor2@${PY_FLAVOR} \
diff --git a/security/py-webauthn/distinfo b/security/py-webauthn/distinfo
index 3490692fa0ea..4b6631072a69 100644
--- a/security/py-webauthn/distinfo
+++ b/security/py-webauthn/distinfo
@@ -1,3 +1,3 @@
-TIMESTAMP = 1749813110
-SHA256 (webauthn-2.5.2.tar.gz) = 09c13dfc1c68c810f32fa4d89b1d37acb9f9ae9091c9d7019e313be4525a95ef
-SIZE (webauthn-2.5.2.tar.gz) = 124114
+TIMESTAMP = 1750188136
+SHA256 (webauthn-2.6.0.tar.gz) = 13cf5b009a64cef569599ffecf24550df1d7c0cd4fbaea870f937148484a80b4
+SIZE (webauthn-2.6.0.tar.gz) = 123608
diff --git a/security/py-webauthn/files/patch-pyproject.toml b/security/py-webauthn/files/patch-pyproject.toml
new file mode 100644
index 000000000000..e2799155d521
--- /dev/null
+++ b/security/py-webauthn/files/patch-pyproject.toml
@@ -0,0 +1,12 @@
+--- pyproject.toml.orig 2025-06-16 22:25:09 UTC
++++ pyproject.toml
+@@ -7,8 +7,7 @@ readme = "README.md"
+ dynamic = ["version"]
+ description = "Pythonic WebAuthn"
+ readme = "README.md"
+-license = "BSD-3-Clause"
+-license-files = ["LICENSE"]
++license = { text = "BSD-3-Clause" }
+ keywords = ["webauthn", "fido2"]
+ authors = [{ name = "Duo Labs", email = "labs@duo.com" }]
+ classifiers = [
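Review bot: The new patch carries no comment explaining why upstream's PEP 639 style `license = "BSD-3-Clause"` plus `license-files` is rewritten to the table form; a header comment above the `---` line such as `# Use pre-PEP 639 license metadata: the setuptools available to the port rejects a bare SPDX string with license-files` (the exact minimum setuptools version should be confirmed) would save the next updater from re-deriving it and tells them when the patch can go. Dropping `license-files = ["LICENSE"]` is only harmless because setuptools' default license-file pattern still picks up `LICENSE` and the port's `LICENSE_FILE` keeps pointing at `${WRKSRC}/LICENSE`, which is worth saying in the same comment. The duplicated `readme = "README.md"` visible in the context lines is upstream's, not introduced here.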
diff --git a/security/rubygem-rasn1/Makefile b/security/rubygem-rasn1/Makefile
index 5a7fc4753d36..a9dda07d9e6f 100644
--- a/security/rubygem-rasn1/Makefile
+++ b/security/rubygem-rasn1/Makefile
@@ -1,5 +1,5 @@
PORTNAME= rasn1
-PORTVERSION= 0.15.0
+PORTVERSION= 0.16.0
CATEGORIES= security rubygems
MASTER_SITES= RG
diff --git a/security/rubygem-rasn1/distinfo b/security/rubygem-rasn1/distinfo
index 4cd85543dcce..a19adb8a6d67 100644
--- a/security/rubygem-rasn1/distinfo
+++ b/security/rubygem-rasn1/distinfo
@@ -1,3 +1,3 @@
-TIMESTAMP = 1736671257
-SHA256 (rubygem/rasn1-0.15.0.gem) = 6d3a8c94f8dbdbdc346f1a17ad905e99bbe6c754b1effba80d857b94f8ce5600
-SIZE (rubygem/rasn1-0.15.0.gem) = 29696
+TIMESTAMP = 1750188250
+SHA256 (rubygem/rasn1-0.16.0.gem) = c3f482cd6163822f98f31e3397b0528f3abe1f244093095abf0946e656be5c2b
+SIZE (rubygem/rasn1-0.16.0.gem) = 29696
diff --git a/security/vuxml/vuln/2025.xml b/security/vuxml/vuln/2025.xml
index 88ecf66a42a7..a13b0b1015ce 100644
--- a/security/vuxml/vuln/2025.xml
+++ b/security/vuxml/vuln/2025.xml
@@ -1,3 +1,235 @@
+ <vuln vid="5e64770c-52aa-11f0-b522-b42e991fc52e">
+ <topic>MongoDB -- Running certain aggregation operations with the SBE engine may lead to unexpected behavior</topic>
+ <affects>
+ <package>
+ <name>mongodb60</name>
+ <range><lt>6.0.21</lt></range>
+ </package>
+ <package>
+ <name>mongodb70</name>
+ <range><lt>7.0.17</lt></range>
+ </package>
+ <package>
+ <name>mongodb80</name>
+ <range><lt>8.0.4</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>cna@mongodb.com reports:</p>
+ <blockquote cite="https://jira.mongodb.org/browse/SERVER-106746">
+ <p>An authenticated user may trigger a use after free that may result
+ in MongoDB Server crash and other unexpected behavior, even if the
+ user does not have authorization to shut down a server. The crash
+ is triggered on affected versions by issuing an aggregation framework
+ operation using a specific combination of rarely-used aggregation
+ pipeline expressions. This issue affects MongoDB Server v6.0 version
+ prior to 6.0.21, MongoDB Server v7.0 version prior to 7.0.17 and
+ MongoDB Server v8.0 version prior to 8.0.4 when the SBE engine is
+ enabled.</p>
+ </blockquote>
+ </body>
+ </description>
+ <references>
+ <cvename>CVE-2025-6706</cvename>
+ <url>https://nvd.nist.gov/vuln/detail/CVE-2025-6706</url>
+ </references>
+ <dates>
+ <discovery>2025-06-26</discovery>
+ <entry>2025-06-26</entry>
+ </dates>
+ </vuln>
+
+ <vuln vid="5cd2bd2b-52aa-11f0-b522-b42e991fc52e">
+ <topic>MongoDB -- Race condition in privilege cache invalidation cycle</topic>
+ <affects>
+ <package>
+ <name>mongodb50</name>
+ <range><lt>5.0.31</lt></range>
+ </package>
+ <package>
+ <name>mongodb60</name>
+ <range><lt>6.0.24</lt></range>
+ </package>
+ <package>
+ <name>mongodb70</name>
+ <range><lt>7.0.21</lt></range>
+ </package>
+ <package>
+ <name>mongodb80</name>
+ <range><lt>8.0.5</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>NVD reports:</p>
+ <blockquote cite="https://nvd.nist.gov/vuln/detail/CVE-2025-6707">
+ <p>Under certain conditions, an authenticated user request
+ may execute with stale privileges following an intentional
+ change by an authorized administrator.</p>
+ </blockquote>
+ </body>
+ </description>
+ <references>
+ <cvename>CVE-2025-6707</cvename>
+ <url>https://nvd.nist.gov/vuln/detail/CVE-2025-6707</url>
+ </references>
+ <dates>
+ <discovery>2025-06-26</discovery>
+ <entry>2025-06-26</entry>
+ </dates>
+ </vuln>
+
+ <vuln vid="5b87eef6-52aa-11f0-b522-b42e991fc52e">
+ <topic>MongoDB -- Pre-Authentication Denial of Service Vulnerability in MongoDB Server&apos;s OIDC Authentication</topic>
+ <affects>
+ <package>
+ <name>mongodb60</name>
+ <range><lt>6.0.21</lt></range>
+ </package>
+ <package>
+ <name>mongodb70</name>
+ <range><lt>7.0.17</lt></range>
+ </package>
+ <package>
+ <name>mongodb80</name>
+ <range><lt>8.0.5</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>NVD reports:</p>
+ <blockquote cite="https://nvd.nist.gov/vuln/detail/CVE-2025-6709">
+ <p>The MongoDB Server is susceptible to a denial of service
+ vulnerability due to improper handling of specific date
+ values in JSON input when using OIDC authentication.
+ This can be reproduced using the mongo shell to send a
+ malicious JSON payload leading to an invariant failure
+ and server crash. </p>
+ </blockquote>
+ </body>
+ </description>
+ <references>
+ <cvename>CVE-2025-6709</cvename>
+ <url>https://nvd.nist.gov/vuln/detail/CVE-2025-6709</url>
+ </references>
+ <dates>
+ <discovery>2025-06-26</discovery>
+ <entry>2025-06-26</entry>
+ </dates>
+ </vuln>
+
+ <vuln vid="59ed4b19-52aa-11f0-b522-b42e991fc52e">
+ <topic>MongoDB -- Pre-authentication Denial of Service Stack Overflow Vulnerability in JSON Parsing via Excessive Recursion in MongoDB</topic>
+ <affects>
+ <package>
+ <name>mongodb70</name>
+ <range><lt>7.0.17</lt></range>
+ </package>
+ <package>
+ <name>mongodb80</name>
+ <range><lt>8.0.5</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>cna@mongodb.com reports:</p>
+ <blockquote cite="https://jira.mongodb.org/browse/SERVER-106749">
+ <p>MongoDB Server may be susceptible to stack overflow due to JSON
+ parsing mechanism, where specifically crafted JSON inputs may induce
+ unwarranted levels of recursion, resulting in excessive stack space
+ consumption. Such inputs can lead to a stack overflow that causes
+ the server to crash which could occur pre-authorisation. This issue
+ affects MongoDB Server v7.0 versions prior to 7.0.17 and MongoDB
+ Server v8.0 versions prior to 8.0.5.
+ The same issue affects MongoDB Server v6.0 versions prior to 6.0.21,
+ but an attacker can only induce denial of service after authenticating.</p>
+ </blockquote>
+ </body>
+ </description>
+ <references>
+ <cvename>CVE-2025-6710</cvename>
+ <url>https://nvd.nist.gov/vuln/detail/CVE-2025-6710</url>
+ </references>
+ <dates>
+ <discovery>2025-06-26</discovery>
+ <entry>2025-06-26</entry>
+ </dates>
+ </vuln>
+
+ <vuln vid="e26608ff-5266-11f0-b522-b42e991fc52e">
+ <topic>kanboard -- Password Reset Poisoning via Host Header Injection</topic>
+ <affects>
+ <package>
+ <name>kanboard</name>
+ <range><lt>1.2.45</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>GitHub Security Advisories reports:</p>
+ <blockquote cite="null">
+ <p>
+ Kanboard allows password reset emails to be sent with URLs
+ derived from the unvalidated Host header when the
+ application_url configuration is unset (default behavior).
+ This allows an attacker to craft a malicious password
+ reset link that leaks the token to an attacker-controlled
+ domain. If a victim (including an administrator) clicks
+ the poisoned link, their account can be taken over. This
+ affects all users who initiate a password reset while
+ application_url is not set.
+ </p>
+ </blockquote>
+ </body>
+ </description>
+ <references>
+ <cvename>CVE-2025-52560</cvename>
+ <url>https://nvd.nist.gov/vuln/detail/CVE-2025-52560</url>
+ </references>
+ <dates>
+ <discovery>2025-06-26</discovery>
+ <entry>2025-06-26</entry>
+ </dates>
+ </vuln>
+
+ <vuln vid="d45dabd9-5232-11f0-9ca4-2cf05da270f3">
+ <topic>Gitlab -- Vulnerabilities</topic>
+ <affects>
+ <package>
+ <name>gitlab-ce</name>
+ <name>gitlab-ee</name>
+ <range><ge>18.1.0</ge><lt>18.1.1</lt></range>
+ <range><ge>18.0.0</ge><lt>18.0.3</lt></range>
+ <range><ge>16.10.0</ge><lt>17.11.5</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>Gitlab reports:</p>
+ <blockquote cite="https://about.gitlab.com/releases/2025/06/25/patch-release-gitlab-18-1-1-released/">
+ <p>Denial of Service impacts GitLab CE/EE</p>
+ <p>Missing Authentication issue impacts GitLab CE/EE</p>
+ <p>Improper access control issue impacts GitLab CE/EE</p>
+ <p>Elevation of Privilege impacts GitLab CE/EE</p>
+ <p>Improper access control issue impacts GitLab EE</p>
+ </blockquote>
+ </body>
+ </description>
+ <references>
+ <cvename>CVE-2025-3279</cvename>
+ <cvename>CVE-2025-1754</cvename>
+ <cvename>CVE-2025-5315</cvename>
+ <cvename>CVE-2025-2938</cvename>
+ <cvename>CVE-2025-5846</cvename>
+ <url>https://about.gitlab.com/releases/2025/06/25/patch-release-gitlab-18-1-1-released/</url>
+ </references>
+ <dates>
+ <discovery>2025-06-25</discovery>
+ <entry>2025-06-26</entry>
+ </dates>
+ </vuln>
+
<vuln vid="03ba1cdd-4faf-11f0-af06-00a098b42aeb">
<topic>cisco -- OpenH264 Decoding Functions Heap Overflow Vulnerability</topic>
<affects>
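Review bot: The CVE-2025-6710 entry's `<affects>` lists only mongodb70 and mongodb80, yet the advisory text it quotes says 6.0 releases prior to 6.0.21 are affected as well (post-authentication only), so `mongodb60` with `<range><lt>6.0.21</lt></range>` should be added to that entry or the omission explained, otherwise `pkg audit` will not flag a vulnerable 6.0 install. The kanboard entry has `<blockquote cite="null">`, a literal string rather than a URL; point it at the advisory actually being quoted or, failing that, reuse the NVD link already in its references, `<blockquote cite="https://nvd.nist.gov/vuln/detail/CVE-2025-52560">`. The CVE-2025-6706 entry caps mongodb80 at 8.0.4 while the other three MongoDB entries use 8.0.5; that matches its quoted text, so it is only flagged for a double-check against the vendor bulletin. The hunk ends at the start of the file's pre-existing entries.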