FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2025-09-04 07:16:14 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
df126e23-24fa-11f0-ab92-f02f7497ecda	h11 accepts some malformed Chunked-Encoding bodies h11 reports: h11 is a Python implementation of HTTP/1.1. Prior to version 0.16.0, a leniency in h11's parsing of line terminators in chunked-coding message bodies can lead to request smuggling vulnerabilities under certain conditions. This issue has been patched in version 0.16.0. Since exploitation requires the combination of buggy h11 with a buggy (reverse) proxy, fixing either component is sufficient to mitigate this issue. Discovery 2025-04-24 Entry 2025-04-29 py39-h11 py310-h11 py311-h11 py312-h11 < 0.16.0 CVE-2025-43859 https://nvd.nist.gov/vuln/detail/CVE-2025-43859

VuXML ID

Description

df126e23-24fa-11f0-ab92-f02f7497ecda

h11 accepts some malformed Chunked-Encoding bodies

h11 reports:

h11 is a Python implementation of HTTP/1.1. Prior to version 0.16.0, a leniency in h11's parsing of line terminators in chunked-coding message bodies can lead to request smuggling vulnerabilities under certain conditions. This issue has been patched in version 0.16.0. Since exploitation requires the combination of buggy h11 with a buggy (reverse) proxy, fixing either component is sufficient to mitigate this issue.

Discovery 2025-04-24
Entry 2025-04-29
py39-h11
py310-h11
py311-h11
py312-h11

< 0.16.0

CVE-2025-43859
https://nvd.nist.gov/vuln/detail/CVE-2025-43859