This page displays vulnerability information about FreeBSD Ports.
The VUXML data was last processed by FreshPorts on 2024-05-09 22:37:04 UTC
List all Vulnerabilities, by package
List all Vulnerabilities, by date
k68These are the vulnerabilities relating to the commit you have selected:
VuXML ID | Description |
---|---|
08664d42-7989-11e6-b7a8-74d02b9a84d5 | h2o -- fix DoS attack vector Frederik Deweerdt reported a denial-of-service attack vector due to an unhandled error condition during socket connection. Discovery 2016-06-09 Entry 2016-09-14 h2o < 2.0.4 https://github.com/h2o/h2o/issues/1077 CVE-2016-4864 |
4da51989-5a8b-4eb9-b442-46d94ec0802d | h2o -- Malformed HTTP/1.1 causes Out-of-Memory Denial of Service Elijah Glover reports:
Discovery 2023-04-27 Entry 2023-04-30 h2o le 2.2.6 h2o-devel < 2.3.0.d.20230427 CVE-2023-30847 https://github.com/h2o/h2o/security/advisories/GHSA-p5hj-phwj-hrvx |
73b1e734-c74e-11e9-8052-0028f8d09152 | h2o -- multiple HTTP/2 vulnerabilities Jonathon Loomey of Netflix reports:
Discovery 2019-08-13 Entry 2019-08-25 h2o < 2.2.6 https://github.com/h2o/h2o/issues/2090 https://www.kb.cert.org/vuls/id/605641/ CVE-2019-9512 CVE-2019-9514 CVE-2019-9515 |
10c0fabc-b5da-11e7-816e-00bd5d1fff09 | h2o -- DoS in workers Frederik Deweerdt reports:
Discovery 2017-07-19 Entry 2017-10-17 h2o < 2.2.3 CVE-2017-10868 CVE-2017-10869 https://github.com/h2o/h2o/issues/1459 https://github.com/h2o/h2o/issues/1460 https://github.com/h2o/h2o/releases/tag/v2.2.3 |
6c808811-bb9a-11e5-a65c-485d605f4717 | h2o -- directory traversal vulnerability Yakuzo OKU reports:
Discovery 2016-01-13 Entry 2016-01-15 h2o < 1.6.2 CVE-2016-1133 https://h2o.examp1e.net/vulnerabilities.html |
bf545001-b96d-42e4-9d2e-60fdee204a43 | h2o -- HTTP/2 Rapid Reset attack vulnerability Kazuo Okuhu reports:
Discovery 2023-10-10 Entry 2023-10-10 h2o le 2.2.6 h2o-devel < 2.3.0.d.20231010 CVE-2023-44487 https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf |
d0b12952-cb86-11e6-906f-0cc47a065786 | h2o -- Use-after-free vulnerability Kazuho Oku reports:
Discovery 2016-09-09 Entry 2016-12-29 h2o < 2.0.4_2 https://github.com/h2o/h2o/releases/tag/v2.0.5 https://github.com/h2o/h2o/issues/1144 |
65bb1858-27de-11e6-b714-74d02b9a84d5 | h2o -- use after free on premature connection close Tim Newsha reports:
Discovery 2016-05-17 Entry 2016-06-01 h2o < 1.7.3 https://h2o.examp1e.net/vulnerabilities.html |
ce39379f-7eb7-11e8-ab03-00bd7f19ff09 | h2o -- heap buffer overflow during logging Marlies Ruck reports:
Discovery 2018-06-01 Entry 2018-07-03 h2o < 2.2.5 CVE-2018-0608 https://github.com/h2o/h2o/issues/1775 https://github.com/h2o/h2o/releases/tag/v2.2.5 |