FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-05-02 10:37:19 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
9b60bba1-cf18-11ed-bd44-080027f5fec9rubygem-uri -- ReDoS vulnerability

Dominic Couture reports:

A ReDoS issue was discovered in the URI component. The URI parser mishandles invalid URLs that have specific characters. It causes an increase in execution time for parsing strings to URI objects.


Discovery 2023-03-28
Entry 2023-03-30
ruby
ge 2.7.0,1 lt 2.7.8,1

ge 3.0.0,1 lt 3.0.6,1

ge 3.1.0,1 lt 3.1.4,1

ge 3.2.0.p1,1 lt 3.2.2,1

ruby27
ge 2.7.0,1 lt 2.7.8,1

ruby30
ge 3.0.0,1 lt 3.0.6,1

ruby31
ge 3.1.0,1 lt 3.1.4,1

ruby32
ge 3.2.0.p1,1 lt 3.2.2,1

rubygem-uri
< 0.12.1

CVE-2023-28755
https://www.ruby-lang.org/en/news/2023/03/28/redos-in-uri-cve-2023-28755/