Documenting security issues in FreeBSD and the FreeBSD Ports Collection

Security issues that affect the FreeBSD operating system or applications in the FreeBSD Ports Collection are documented using the Vulnerabilities and Exposures Markup Language (VuXML). The current VuXML document that serves as the source for the content of this site can be found:

Please report security issues to the FreeBSD Security Team at . Full contact details, including information handling policies and PGP key, can be found on the FreeBSD Security page.


Entered Topic
2018-11-09 lighttpd - use-after-free vulnerabilities
2016-08-03 lighttpd - multiple vulnerabilities
2015-08-10 lighttpd -- Log injection vulnerability in mod_auth
2014-02-14 lighttpd -- multiple vulnerabilities
2012-11-21 lighttpd -- remote DoS in header parsing
2011-12-28 lighttpd -- remote DoS in HTTP authentication
2010-02-16 lighttpd -- denial of service vulnerability
2008-09-27 lighttpd -- multiple vulnerabilities
2008-04-13 lighttpd -- OpenSSL Error Queue Denial of Service Vulnerability
2007-09-10 lighttpd -- FastCGI header overrun in mod_fastcgi
2007-07-21 lighttpd -- multiple vulnerabilities
2007-04-14 lighttpd -- DOS when access files with mtime 0
lighttpd -- Remote DOS in CRLF parsing
2005-03-01 lighttpd -- script source disclosure vulnerability