FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-16 06:42:40 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
e9d1e040-42c9-11e6-9608-20cf30e32f6d	apache24 -- X509 Client certificate based authentication can be bypassed when HTTP/2 is used Apache Software Foundation reports: The Apache HTTPD web server (from 2.4.18-2.4.20) did not validate a X509 client certificate correctly when experimental module for the HTTP/2 protocol is used to access a resource. The net result is that a resource that should require a valid client certificate in order to get access can be accessed without that credential. Discovery 2016-07-01 Entry 2016-07-05 apache24 ge 2.4.18 lt 2.4.23 CVE-2016-4979 http://mail-archives.apache.org/mod_mbox/httpd-announce/201607.mbox/CVE-2016-4979-68283

VuXML ID

Description

e9d1e040-42c9-11e6-9608-20cf30e32f6d

apache24 -- X509 Client certificate based authentication can be bypassed when HTTP/2 is used

Apache Software Foundation reports:

The Apache HTTPD web server (from 2.4.18-2.4.20) did not validate a X509 client certificate correctly when experimental module for the HTTP/2 protocol is used to access a resource.

The net result is that a resource that should require a valid client certificate in order to get access can be accessed without that credential.

Discovery 2016-07-01
Entry 2016-07-05
apache24

ge 2.4.18 lt 2.4.23

CVE-2016-4979
http://mail-archives.apache.org/mod_mbox/httpd-announce/201607.mbox/CVE-2016-4979-68283