MidnightBSD

Advisories for macports

CVE-2024-11681

A malicious or compromised MacPorts mirror can execute arbitrary commands as root on the machine of a client running port selfupdate against the mirror.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.8 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N 2.3 4.0

Products Affected

Vendor Product Version
macports macports *