FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-12-11 14:10:47 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
2ce1a2f1-0177-11ef-a45e-08002784c58d	ruby -- Arbitrary memory address read vulnerability with Regex search sp2ip reports: If attacker-supplied data is provided to the Ruby regex compiler, it is possible to extract arbitrary heap data relative to the start of the text, including pointers and sensitive strings. Discovery 2024-04-23 Entry 2024-04-23 ruby >= 3.1.0,1 lt 3.1.5,1 >= 3.2.0,1 lt 3.2.4,1 >= 3.3.0,1 lt 3.3.1,1 ruby31 >= 3.1.0,1 lt 3.1.5,1 ruby32 >= 3.2.0,1 lt 3.2.4,1 ruby33 >= 3.3.0,1 lt 3.3.1,1 CVE-2024-27282 https://www.ruby-lang.org/en/news/2024/04/23/arbitrary-memory-address-read-regexp-cve-2024-27282/

VuXML ID

Description

2ce1a2f1-0177-11ef-a45e-08002784c58d

ruby -- Arbitrary memory address read vulnerability with Regex search

sp2ip reports:

If attacker-supplied data is provided to the Ruby regex compiler, it is possible to extract arbitrary heap data relative to the start of the text, including pointers and sensitive strings.

Discovery 2024-04-23
Entry 2024-04-23
ruby

>= 3.1.0,1 lt 3.1.5,1

>= 3.2.0,1 lt 3.2.4,1

>= 3.3.0,1 lt 3.3.1,1

ruby31

>= 3.1.0,1 lt 3.1.5,1

ruby32

>= 3.2.0,1 lt 3.2.4,1

ruby33

>= 3.3.0,1 lt 3.3.1,1

CVE-2024-27282
https://www.ruby-lang.org/en/news/2024/04/23/arbitrary-memory-address-read-regexp-cve-2024-27282/