GCVE - cpe:2.3:o:freebsd:freebsd:13.2:p8:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:o:freebsd:freebsd:13.2:p8:*:*:*:*:*:*

part: o version: 13.2 update: p8

Vendor	Freebsd (`1e86ea60-a74f-5f45-ac35-3eb819c9e064`)
Product	Freebsd (`be9b20ed-2a20-5a94-a224-b1a6fdcacb17`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
`pkg:github/freebsd/freebsd-src`	purl2cpe	2026-06-01 10:12:45.165397

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2024-6387`	vulnerable	2026-06-08 06:58:19.226034	Openssh: regresshion - race condition in ssh allows rce/dos HIGH (8.1) A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period. Published: 2024-07-01T12:37:25.431Z Updated: 2026-05-12T11:39:26.672Z Open on db.gcve.eu Reference links https://access.redhat.com/errata/RHSA-2024:4312 https://access.redhat.com/errata/RHSA-2024:4340 https://access.redhat.com/errata/RHSA-2024:4389 https://access.redhat.com/errata/RHSA-2024:4469 https://access.redhat.com/errata/RHSA-2024:4474	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-25941`	vulnerable	2026-06-08 06:31:24.063178	jail(2) information leak The jail(2) system call has not limited a visiblity of allocated TTYs (the kern.ttys sysctl). This gives rise to an information leak about processes outside the current jail. Attacker can get information about TTYs allocated on the host or in other jails. Effectively, the information printed by "pstat -t" may be leaked. Published: 2024-02-15T04:27:06.726Z Updated: 2025-02-13T17:40:55.115Z Open on db.gcve.eu Reference links https://security.freebsd.org/advisories/FreeBSD-SA-24:02.tty.asc https://security.netapp.com/advisory/ntap-20240510-0003/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-25940`	vulnerable	2026-06-08 06:31:24.054398	bhyveload(8) host file access `bhyveload -h <host-path>` may be used to grant loader access to the <host-path> directory tree on the host. Affected versions of bhyveload(8) do not make any attempt to restrict loader's access to <host-path>, allowing the loader to read any file the host user has access to. In the bhyveload(8) model, the host supplies a userboot.so to boot with, but the loader scripts generally come from the guest image. A maliciously crafted script could be used to exfiltrate sensitive data from the host accessible to the user running bhyhveload(8), which is often the system root. Published: 2024-02-15T04:21:57.624Z Updated: 2025-02-13T17:40:54.448Z Open on db.gcve.eu Reference links https://security.freebsd.org/advisories/FreeBSD-SA-24:01.bhyveload.asc https://security.netapp.com/advisory/ntap-20240419-0004/	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.