FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-05-09 08:42:40 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
2ce1a2f1-0177-11ef-a45e-08002784c58d	ruby -- Arbitrary memory address read vulnerability with Regex search sp2ip reports: If attacker-supplied data is provided to the Ruby regex compiler, it is possible to extract arbitrary heap data relative to the start of the text, including pointers and sensitive strings. Discovery 2024-04-23 Entry 2024-04-23 ruby ge 3.1.0,1 lt 3.1.5,1 ge 3.2.0,1 lt 3.2.4,1 ge 3.3.0,1 lt 3.3.1,1 ruby31 ge 3.1.0,1 lt 3.1.5,1 ruby32 ge 3.2.0,1 lt 3.2.4,1 ruby33 ge 3.3.0,1 lt 3.3.1,1 CVE-2024-27282 https://www.ruby-lang.org/en/news/2024/04/23/arbitrary-memory-address-read-regexp-cve-2024-27282/

VuXML ID

Description

2ce1a2f1-0177-11ef-a45e-08002784c58d

ruby -- Arbitrary memory address read vulnerability with Regex search

sp2ip reports:

If attacker-supplied data is provided to the Ruby regex compiler, it is possible to extract arbitrary heap data relative to the start of the text, including pointers and sensitive strings.

Discovery 2024-04-23
Entry 2024-04-23
ruby

ge 3.1.0,1 lt 3.1.5,1

ge 3.2.0,1 lt 3.2.4,1

ge 3.3.0,1 lt 3.3.1,1

ruby31

ge 3.1.0,1 lt 3.1.5,1

ruby32

ge 3.2.0,1 lt 3.2.4,1

ruby33

ge 3.3.0,1 lt 3.3.1,1

CVE-2024-27282
https://www.ruby-lang.org/en/news/2024/04/23/arbitrary-memory-address-read-regexp-cve-2024-27282/