FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-03-28 15:43:32 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
6fd773d3-bc5a-11ea-b38d-f0def1d0c3eatrafficserver -- resource consumption

Bryan Call reports:

ATS is vulnerable to certain types of HTTP/2 HEADERS frames that can cause the server to allocate a large amount of memory and spin the thread.


Discovery 2020-06-24
Entry 2020-07-02
trafficserver
< 8.0.8

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9494
CVE-2020-9494
6318b303-3507-11e4-b76c-0011d823eebdtrafficserver -- unspecified vulnerability

Bryan Call reports:

Below is our announcement for the security issue reported to us from Yahoo! Japan. All versions of Apache Traffic Server are vulnerable. We urge users to upgrade to either 4.2.1.1 or 5.0.1 immediately.

This fixes CVE-2014-3525 and limits access to how the health checks are performed.


Discovery 2014-07-23
Entry 2014-09-05
trafficserver
< 5.0.1

CVE-2014-3525
http://mail-archives.apache.org/mod_mbox/trafficserver-users/201407.mbox/%3CBFCEC9C8-1BE9-4DCA-AF9C-B8FE798EEC07@yahoo-inc.com%3E