ReportizFlow
Filtered by vendor Debian
Subscriptions
Filtered by product Freedombox
Subscriptions
Total
1 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-25073 | 1 Debian | 1 Freedombox | 2024-11-21 | 5.3 Medium |
| FreedomBox through 20.13 allows remote attackers to obtain sensitive information from the /server-status page of the Apache HTTP Server, because a connection from the Tor onion service (or from PageKite) is considered a local connection. This affects both the freedombox and plinth packages of some Linux distributions, but only if the Apache mod_status module is enabled. | ||||
Page 1 of 1.