FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  374826
Date:      2014-12-16
Time:      22:06:31Z
Committer: cs

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
742eb9e4-e3cb-4f5a-b94e-0e9a39420600ruby-gems -- Algorithmic Complexity Vulnerability

Ruby Gem developers report:

The patch for CVE-2013-4363 was insufficiently verified so the combined regular expression for verifying gem version remains vulnerable following CVE-2013-4363.

RubyGems validates versions with a regular expression that is vulnerable to denial of service due to backtracking. For specially crafted RubyGems versions attackers can cause denial of service through CPU consumption.


Discovery 2013-09-24
Entry 2013-11-24
ruby19-gems
lt 1.8.27

ruby20-gems
lt 1.8.27

CVE-2013-4363
54237182-9635-4a8b-92d7-33bfaeed84cdruby-gems -- Algorithmic Complexity Vulnerability

Ruby Gem developers report:

RubyGems validates versions with a regular expression that is vulnerable to denial of service due to backtracking. For specially crafted RubyGems versions attackers can cause denial of service through CPU consumption.


Discovery 2013-09-09
Entry 2013-11-24
ruby19-gems
lt 1.8.26

ruby20-gems
lt 1.8.26

CVE-2013-4287