FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-12-31 16:42:47 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
a8448963-e6f5-11ee-a784-dca632daf43b	databases/mongodb* -- Improper Certificate Validation MongoDB, Inc. reports: A security vulnerability was found where a server process running MongoDB 3.2.6 or later will allow incoming connections to skip peer certificate validation if the server process was started with TLS enabled (net.tls.mode set to allowTLS, preferTLS, or requireTLS) and without a net.tls.CAFile configured (CVE-2024-1351). Discovery 2024-03-07 Entry 2024-03-20 mongodb44 < 4.4.29 mongodb50 < 5.0.25 mongodb60 < 6.0.14 mongodb70 < 7.0.6 CVE-2024-1351 https://nvd.nist.gov/vuln/detail/CVE-2024-1351

VuXML ID

Description

a8448963-e6f5-11ee-a784-dca632daf43b

databases/mongodb* -- Improper Certificate Validation

MongoDB, Inc. reports:

A security vulnerability was found where a server process running MongoDB 3.2.6 or later will allow incoming connections to skip peer certificate validation if the server process was started with TLS enabled (net.tls.mode set to allowTLS, preferTLS, or requireTLS) and without a net.tls.CAFile configured (CVE-2024-1351).

Discovery 2024-03-07
Entry 2024-03-20
mongodb44

< 4.4.29

mongodb50

< 5.0.25

mongodb60

< 6.0.14

mongodb70

< 7.0.6

CVE-2024-1351
https://nvd.nist.gov/vuln/detail/CVE-2024-1351