Documenting security issues in FreeBSD and the FreeBSD Ports Collection

Security issues that affect the FreeBSD operating system or applications in the FreeBSD Ports Collection are documented using the Vulnerabilities and Exposures Markup Language (VuXML). The current VuXML document that serves as the source for the content of this site can be found:

Please report security issues to the FreeBSD Security Team at . Full contact details, including information handling policies and PGP key, can be found on the FreeBSD Security page.


Entered Topic
2023-10-10 h2o -- HTTP/2 Rapid Reset attack vulnerability
2023-04-30 h2o -- Malformed HTTP/1.1 causes Out-of-Memory Denial of Service
2019-08-25 h2o -- multiple HTTP/2 vulnerabilities
2018-07-03 h2o -- heap buffer overflow during logging
2017-10-17 h2o -- DoS in workers
2016-12-29 h2o -- Use-after-free vulnerability
2016-09-14 h2o -- fix DoS attack vector
2016-06-01 h2o -- use after free on premature connection close
2016-01-15 h2o -- directory traversal vulnerability
2015-09-16 h2o -- directory traversal vulnerability