This page displays vulnerability information about FreeBSD Ports.
The VUXML data was last processed by FreshPorts on 2024-09-15 18:04:00 UTC
List all Vulnerabilities, by package
List all Vulnerabilities, by date
k68These are the vulnerabilities relating to the commit you have selected:
VuXML ID | Description |
---|---|
76562594-1f19-11db-b7d4-0008743bf21a | ruby -- multiple vulnerabilities Secunia reports:
Discovery 2006-07-12 Entry 2006-07-29 Modified 2006-07-30 ruby ruby_static > 1.6.* lt 1.8.* > 1.8.* lt 1.8.4_9,1 18944 CVE-2006-3694 http://secunia.com/advisories/21009/ http://jvn.jp/jp/JVN%2383768862/index.html http://jvn.jp/jp/JVN%2313947696/index.html |
7fe7df75-6568-11e6-a590-14dae9d210b8 | End of Life Ports These packages have reached End of Life status and/or have been removed from the Ports Tree. They may contain undocumented security issues. Please take caution and find alternative software as soon as possible. Discovery 2016-08-18 Entry 2016-08-18 Modified 2016-10-18 python32 python31 python30 python26 python25 python24 python23 python22 python21 python20 python15 >= 0 php54 php53 php52 php5 php4 >= 0 perl5 < 5.18 perl5.16 perl5.14 perl5.12 perl >= 0 ruby ruby_static < 2.1,1 unifi2 unifi3 >= 0 apache21 apache20 apache13 >= 0 tomcat55 tomcat41 >= 0 mysql51-client mysql51-server mysql50-client mysql50-server mysql41-client mysql41-server mysql40-client mysql40-server >= 0 postgresql90-client postgresql90-server postgresql84-client postgresql84-server postgresql83-client postgresql83-server postgresql82-client postgresql82-server postgresql81-client postgresql81-server postgresql80-client postgresql80-server postgresql74-client postgresql74-server postgresql73-client postgresql73-server postgresql72-client postgresql72-server postgresql71-client postgresql71-server postgresql7-client postgresql7-server >= 0 ports/211975 |
959d384d-6b59-11dd-9d79-001fc61c2a55 | ruby -- DNS spoofing vulnerability The official ruby site reports:
Discovery 2008-08-08 Entry 2008-08-16 Modified 2009-02-09 ruby ruby+pthreads ruby+pthreads+oniguruma ruby+oniguruma >= 1.8.*,1 lt 1.8.6.111_5,1 >= 1.9.*,1 lt 1.9.1.0,1 CVE-2008-1447 http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/ |
91be81e7-3fea-11e1-afc7-2c4138874f7d | Multiple implementations -- DoS via hash algorithm collision oCERT reports:
Discovery 2011-12-28 Entry 2012-01-16 Modified 2012-01-20 jruby < 1.6.5.1 ruby ruby+nopthreads ruby+nopthreads+oniguruma ruby+oniguruma < 1.8.7.357,1 rubygem-rack < 1.3.6,3 v8 < 3.8.5 redis <= 2.4.6 node < 0.6.7 CVE-2011-4838 CVE-2011-4815 CVE-2011-5036 CVE-2011-5037 http://www.ocert.org/advisories/ocert-2011-003.html http://www.nruns.com/_downloads/advisory28122011.pdf |
ab8dbe98-6be4-11db-ae91-0012f06707f0 | ruby -- cgi.rb library Denial of Service Official ruby site reports:
Discovery 2006-10-25 Entry 2006-11-04 Modified 2006-12-15 ruby ruby+pthreads ruby+pthreads+oniguruma ruby+oniguruma >= 1.8.*,1 lt 1.8.5_4,1 ruby_static >= 1.8.*,1 20777 CVE-2006-5467 http://rubyforge.org/pipermail/mongrel-users/2006-October/001946.html |
34e0316a-aa91-11df-8c2e-001517289bf8 | ruby -- UTF-7 encoding XSS vulnerability in WEBrick The official ruby site reports:
Discovery 2010-08-16 Entry 2010-08-17 Modified 2010-08-20 ruby ruby+pthreads ruby+pthreads+oniguruma ruby+oniguruma >= 1.8.*,1 lt 1.8.7.248_3,1 >= 1.9.*,1 lt 1.9.1.430,1 40895 CVE-2010-0541 http://www.ruby-lang.org/en/news/2010/08/16/xss-in-webrick-cve-2010-0541/ |
53802164-3f7e-11dd-90ea-0019666436c2 | ruby -- multiple integer and buffer overflow vulnerabilities The official ruby site reports:
Discovery 2008-06-19 Entry 2008-06-21 ruby ruby+pthreads ruby+pthreads+oniguruma ruby+oniguruma >= 1.8.*,1 lt 1.8.6.111_3,1 ruby_static >= 1.8.*,1 CVE-2008-2726 http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities/ |
62e0fbe5-5798-11de-bb78-001cc0377035 | ruby -- BigDecimal denial of service vulnerability The official ruby site reports:
Discovery 2009-06-09 Entry 2009-06-13 Modified 2010-05-02 ruby ruby+pthreads ruby+pthreads+oniguruma ruby+oniguruma >= 1.8.*,1 lt 1.8.7.160_1,1 35278 CVE-2009-1904 http://www.ruby-lang.org/en/news/2009/06/09/dos-vulnerability-in-bigdecimal/ |
7ed5779c-e4c7-11eb-91d7-08002728f74c | Ruby -- multiple vulnerabilities Ruby news:
Discovery 2021-07-07 Entry 2021-07-14 ruby26 < 2.6.8,1 ruby < 2.7.4,1 ruby30 < 3.0.2,1 CVE-2021-31799 CVE-2021-31810 CVE-2021-32066 https://www.ruby-lang.org/en/news/2021/07/07/ruby-2-6-8-released/ https://www.ruby-lang.org/en/news/2021/07/07/ruby-2-7-4-released/ https://www.ruby-lang.org/en/news/2021/07/07/ruby-3-0-2-released/ https://www.ruby-lang.org/en/news/2021/05/02/os-command-injection-in-rdoc/ https://www.ruby-lang.org/en/news/2021/07/07/starttls-stripping-in-net-imap/ https://www.ruby-lang.org/en/news/2021/07/07/trusting-pasv-responses-in-net-ftp/ |
c329712a-6b5b-11dd-9d79-001fc61c2a55 | ruby -- multiple vulnerabilities in safe level The official ruby site reports:
Discovery 2008-08-08 Entry 2008-08-16 Modified 2010-05-12 ruby ruby+pthreads ruby+pthreads+oniguruma ruby+oniguruma >= 1.8.*,1 lt 1.8.6.287,1 >= 1.9.*,1 lt 1.9.1.0,1 CVE-2008-3655 CVE-2008-3656 CVE-2008-3905 http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/ |
a8674c14-83d7-11db-88d5-0012f06707f0 | ruby -- cgi.rb library Denial of Service The official ruby site reports:
Discovery 2006-12-04 Entry 2006-12-04 Modified 2010-05-12 ruby ruby+pthreads ruby+pthreads+oniguruma ruby+oniguruma >= 1.8.*,1 lt 1.8.5_5,1 ruby_static >= 1.8.*,1 CVE-2006-6303 http://www.ruby-lang.org/en/news/2006/12/04/another-dos-vulnerability-in-cgi-library/ |
f7ba20aa-6b5a-11dd-9d79-001fc61c2a55 | ruby -- DoS vulnerability in WEBrick The official ruby site reports:
Discovery 2008-08-08 Entry 2008-08-16 Modified 2010-05-12 ruby ruby+pthreads ruby+pthreads+oniguruma ruby+oniguruma >= 1.8.*,1 lt 1.8.6.111_5,1 >= 1.9.*,1 lt 1.9.1.0,1 CVE-2008-3655 CVE-2008-3656 CVE-2008-3905 http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/ |