This page displays vulnerability information about FreeBSD Ports.
The VUXML data was last processed by FreshPorts on 2024-04-19 20:48:44 UTC
List all Vulnerabilities, by package
List all Vulnerabilities, by date
k68These are the vulnerabilities relating to the commit you have selected:
VuXML ID | Description |
---|---|
2c6af5c3-4d36-11ec-a539-0800270512f4 | rubygem-cgi -- buffer overrun in CGI.escape_html chamal reports:
Discovery 2021-11-24 Entry 2021-11-24 ruby ge 2.7.0,1 lt 2.7.5,1 ge 3.0.0,1 lt 3.0.3,1 ruby27 ge 2.7.0,1 lt 2.7.5,1 ruby30 ge 3.0.0,1 lt 3.0.3,1 rubygem-cgi < 0.3.1 CVE-2021-41816 https://www.ruby-lang.org/en/news/2021/11/24/buffer-overrun-in-cgi-escape_html-cve-2021-41816/ |
4548ec97-4d38-11ec-a539-0800270512f4 | rubygem-cgi -- cookie prefix spoofing in CGI::Cookie.parse ooooooo_q reports:
Discovery 2021-11-24 Entry 2021-11-24 ruby ge 2.6.0,1 lt 2.6.9,1 ge 2.7.0,1 lt 2.7.5,1 ge 3.0.0,1 lt 3.0.3,1 ruby26 ge 2.6.0,1 lt 2.6.9,1 ruby27 ge 2.7.0,1 lt 2.7.5,1 ruby30 ge 3.0.0,1 lt 3.0.3,1 rubygem-cgi < 0.3.1 CVE-2021-41819 https://www.ruby-lang.org/en/news/2021/11/24/cookie-prefix-spoofing-in-cgi-cookie-parse-cve-2021-41819/ |
6916ea94-4628-11ec-bbe2-0800270512f4 | rubygem-date -- Regular Expression Denial of Service Vunlerability of Date Parsing Methods Stanislav Valkanov reports:
Discovery 2021-11-15 Entry 2021-11-15 Modified 2021-11-24 ruby ge 2.6.0,1 lt 2.6.9,1 ge 2.7.0,1 lt 2.7.5,1 ge 3.0.0,1 lt 3.0.3,1 ruby26 ge 2.6.0,1 lt 2.6.9,1 ruby27 ge 2.7.0,1 lt 2.7.5,1 ruby30 ge 3.0.0,1 lt 3.0.3,1 rubygem-date < 3.2.1 CVE-2021-41817 https://www.ruby-lang.org/en/news/2021/11/15/date-parsing-method-regexp-dos-cve-2021-41817/ |
7ed5779c-e4c7-11eb-91d7-08002728f74c | Ruby -- multiple vulnerabilities Ruby news:
Discovery 2021-07-07 Entry 2021-07-14 ruby26 < 2.6.8,1 ruby < 2.7.4,1 ruby30 < 3.0.2,1 CVE-2021-31799 CVE-2021-31810 CVE-2021-32066 https://www.ruby-lang.org/en/news/2021/07/07/ruby-2-6-8-released/ https://www.ruby-lang.org/en/news/2021/07/07/ruby-2-7-4-released/ https://www.ruby-lang.org/en/news/2021/07/07/ruby-3-0-2-released/ https://www.ruby-lang.org/en/news/2021/05/02/os-command-injection-in-rdoc/ https://www.ruby-lang.org/en/news/2021/07/07/starttls-stripping-in-net-imap/ https://www.ruby-lang.org/en/news/2021/07/07/trusting-pasv-responses-in-net-ftp/ |