FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2025-02-13 20:06:50 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
088b8b7d-446c-11ef-b611-84a93843eb75	Apache httpd -- Source code disclosure with handlers configured via AddType The Apache httpd project reports: source code disclosure with handlers configured via AddType (CVE-2024-40725) (Important): A partial fix for CVE-2024-39884 in the core of Apache HTTP Server 2.4.61 ignores some use of the legacy content-type based configuration of handlers. "AddType" and similar configuration, under some circumstances where files are requested indirectly, result in source code disclosure of local content. For example, PHP scripts may be served instead of interpreted. Discovery 2024-07-17 Entry 2024-07-17 apache24 >= 2.4.60 lt 2.4.62 CVE-2024-40725 https://httpd.apache.org/security/vulnerabilities_24.html
5d921a8c-3a43-11ef-b611-84a93843eb75	Apache httpd -- source code disclosure The Apache httpd project reports: isource code disclosure with handlers configured via AddType (CVE-2024-39884) (Important). A regression in the core of Apache HTTP Server 2.4.60 ignores some use of the legacy content-type based configuration of handlers. "AddType" and similar configuration, under some circumstances where files are requested indirectly, result in source code disclosure of local content. For example, PHP scripts may be served instead of interpreted. Discovery 2024-07-04 Entry 2024-07-04 apache24 >= 2.4.60 lt 2.4.61 CVE-2024-39884 https://httpd.apache.org/security/vulnerabilities_24.html

VuXML ID

Description

088b8b7d-446c-11ef-b611-84a93843eb75

Apache httpd -- Source code disclosure with handlers configured via AddType

The Apache httpd project reports:

source code disclosure with handlers configured via AddType (CVE-2024-40725) (Important): A partial fix for CVE-2024-39884 in the core of Apache HTTP Server 2.4.61 ignores some use of the legacy content-type based configuration of handlers. "AddType" and similar configuration, under some circumstances where files are requested indirectly, result in source code disclosure of local content. For example, PHP scripts may be served instead of interpreted.

Discovery 2024-07-17
Entry 2024-07-17
apache24

>= 2.4.60 lt 2.4.62

CVE-2024-40725
https://httpd.apache.org/security/vulnerabilities_24.html

5d921a8c-3a43-11ef-b611-84a93843eb75

Apache httpd -- source code disclosure

The Apache httpd project reports:

isource code disclosure with handlers configured via AddType (CVE-2024-39884) (Important). A regression in the core of Apache HTTP Server 2.4.60 ignores some use of the legacy content-type based configuration of handlers. "AddType" and similar configuration, under some circumstances where files are requested indirectly, result in source code disclosure of local content. For example, PHP scripts may be served instead of interpreted.

Discovery 2024-07-04
Entry 2024-07-04
apache24

>= 2.4.60 lt 2.4.61

CVE-2024-39884
https://httpd.apache.org/security/vulnerabilities_24.html