FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-03-27 18:04:16 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
06ed6a49-bad4-11ec-9cfe-0800270512f4Ruby -- Buffer overrun in String-to-Float conversion

piao reports:

Due to a bug in an internal function that converts a String to a Float, some convertion methods like Kernel#Float and String#to_f could cause buffer over-read. A typical consequence is a process termination due to segmentation fault, but in a limited circumstances, it may be exploitable for illegal memory read.


Discovery 2022-04-12
Entry 2022-04-13
ruby
ge 2.7.0,1 lt 2.7.6,1

ge 3.0.0,1 lt 3.0.4,1

ge 3.1.0,1 lt 3.1.2,1

ge 3.2.0.p1,1 lt 3.2.0.p1_1,1

ruby27
ge 2.7.0,1 lt 2.7.6,1

ruby30
ge 3.0.0,1 lt 3.0.4,1

ruby31
ge 3.1.0,1 lt 3.1.2,1

ruby32
ge 3.2.0.p1,1 lt 3.2.0.p1_1,1

CVE-2022-28739
https://www.ruby-lang.org/en/news/2022/04/12/buffer-overrun-in-string-to-float-cve-2022-28739/
2c6af5c3-4d36-11ec-a539-0800270512f4rubygem-cgi -- buffer overrun in CGI.escape_html

chamal reports:

A security vulnerability that causes buffer overflow when you pass a very large string (> 700 MB) to CGI.escape_html on a platform where long type takes 4 bytes, typically, Windows.


Discovery 2021-11-24
Entry 2021-11-24
ruby
ge 2.7.0,1 lt 2.7.5,1

ge 3.0.0,1 lt 3.0.3,1

ruby27
ge 2.7.0,1 lt 2.7.5,1

ruby30
ge 3.0.0,1 lt 3.0.3,1

rubygem-cgi
< 0.3.1

CVE-2021-41816
https://www.ruby-lang.org/en/news/2021/11/24/buffer-overrun-in-cgi-escape_html-cve-2021-41816/
4548ec97-4d38-11ec-a539-0800270512f4rubygem-cgi -- cookie prefix spoofing in CGI::Cookie.parse

ooooooo_q reports:

The old versions of CGI::Cookie.parse applied URL decoding to cookie names. An attacker could exploit this vulnerability to spoof security prefixes in cookie names, which may be able to trick a vulnerable application.

By this fix, CGI::Cookie.parse no longer decodes cookie names. Note that this is an incompatibility if cookie names that you are using include non-alphanumeric characters that are URL-encoded.


Discovery 2021-11-24
Entry 2021-11-24
ruby
ge 2.6.0,1 lt 2.6.9,1

ge 2.7.0,1 lt 2.7.5,1

ge 3.0.0,1 lt 3.0.3,1

ruby26
ge 2.6.0,1 lt 2.6.9,1

ruby27
ge 2.7.0,1 lt 2.7.5,1

ruby30
ge 3.0.0,1 lt 3.0.3,1

rubygem-cgi
< 0.3.1

CVE-2021-41819
https://www.ruby-lang.org/en/news/2021/11/24/cookie-prefix-spoofing-in-cgi-cookie-parse-cve-2021-41819/
6916ea94-4628-11ec-bbe2-0800270512f4rubygem-date -- Regular Expression Denial of Service Vunlerability of Date Parsing Methods

Stanislav Valkanov reports:

Date's parsing methods including Date.parse are using Regexps internally, some of which are vulnerable against regular expression denial of service. Applications and libraries that apply such methods to untrusted input may be affected.


Discovery 2021-11-15
Entry 2021-11-15
Modified 2021-11-24
ruby
ge 2.6.0,1 lt 2.6.9,1

ge 2.7.0,1 lt 2.7.5,1

ge 3.0.0,1 lt 3.0.3,1

ruby26
ge 2.6.0,1 lt 2.6.9,1

ruby27
ge 2.7.0,1 lt 2.7.5,1

ruby30
ge 3.0.0,1 lt 3.0.3,1

rubygem-date
< 3.2.1

CVE-2021-41817
https://www.ruby-lang.org/en/news/2021/11/15/date-parsing-method-regexp-dos-cve-2021-41817/
84ab03b6-6c20-11ed-b519-080027f5fec9rubygem-cgi -- HTTP response splitting vulnerability

Hiroshi Tokumaru reports:

If an application that generates HTTP responses using the cgi gem with untrusted user input, an attacker can exploit it to inject a malicious HTTP response header and/or body.

Also, the contents for a CGI::Cookie object were not checked properly. If an application creates a CGI::Cookie object based on user input, an attacker may exploit it to inject invalid attributes in Set-Cookie header. We think such applications are unlikely, but we have included a change to check arguments for CGI::Cookie#initialize preventatively.


Discovery 2022-11-22
Entry 2022-11-24
rubygem-cgi
< 0.3.4

ruby
ge 2.7.0,1 lt 2.7.7,1

ge 3.0.0,1 lt 3.0.5,1

ge 3.1.0,1 lt 3.1.3,1

ge 3.2.0.p1,1 lt 3.2.0.r1,1

ruby27
ge 2.7.0,1 lt 2.7.7,1

ruby30
ge 3.0.0,1 lt 3.0.5,1

ruby31
ge 3.1.0,1 lt 3.1.3,1

ruby32
ge 3.2.0.p1,1 lt 3.2.0.r1,1

CVE-2021-33621
https://www.ruby-lang.org/en/news/2022/11/22/http-response-splitting-in-cgi-cve-2021-33621/