FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-11-19 19:12:13 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID Description

VuXML ID	Description
6916ea94-4628-11ec-bbe2-0800270512f4	rubygem-date -- Regular Expression Denial of Service Vunlerability of Date Parsing Methods Stanislav Valkanov reports: Date's parsing methods including `Date.parse` are using Regexps internally, some of which are vulnerable against regular expression denial of service. Applications and libraries that apply such methods to untrusted input may be affected. Discovery 2021-11-15 Entry 2021-11-15 Modified 2021-11-24 ruby >= 2.6.0,1 lt 2.6.9,1 >= 2.7.0,1 lt 2.7.5,1 >= 3.0.0,1 lt 3.0.3,1 ruby26 >= 2.6.0,1 lt 2.6.9,1 ruby27 >= 2.7.0,1 lt 2.7.5,1 ruby30 >= 3.0.0,1 lt 3.0.3,1 rubygem-date < 3.2.1 CVE-2021-41817 https://www.ruby-lang.org/en/news/2021/11/15/date-parsing-method-regexp-dos-cve-2021-41817/

6916ea94-4628-11ec-bbe2-0800270512f4

rubygem-date -- Regular Expression Denial of Service Vunlerability of Date Parsing Methods

Stanislav Valkanov reports:

Date's parsing methods including Date.parse are using Regexps internally, some of which are vulnerable against regular expression denial of service. Applications and libraries that apply such methods to untrusted input may be affected.

Discovery 2021-11-15
Entry 2021-11-15
Modified 2021-11-24
ruby

>= 2.6.0,1 lt 2.6.9,1

>= 2.7.0,1 lt 2.7.5,1

>= 3.0.0,1 lt 3.0.3,1

ruby26

>= 2.6.0,1 lt 2.6.9,1

ruby27

>= 2.7.0,1 lt 2.7.5,1

ruby30

>= 3.0.0,1 lt 3.0.3,1

rubygem-date

< 3.2.1

CVE-2021-41817
https://www.ruby-lang.org/en/news/2021/11/15/date-parsing-method-regexp-dos-cve-2021-41817/