FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

nothing found there

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML ID Description

VuXML ID	Description
6916ea94-4628-11ec-bbe2-0800270512f4	rubygem-date -- Regular Expression Denial of Service Vunlerability of Date Parsing Methods Stanislav Valkanov reports: Date's parsing methods including `Date.parse` are using Regexps internally, some of which are vulnerable against regular expression denial of service. Applications and libraries that apply such methods to untrusted input may be affected. Discovery 2021-11-15 Entry 2021-11-15 Modified 2021-11-24 ruby ge 2.6.0,1 lt 2.6.9,1 ge 2.7.0,1 lt 2.7.5,1 ge 3.0.0,1 lt 3.0.3,1 ruby26 ge 2.6.0,1 lt 2.6.9,1 ruby27 ge 2.7.0,1 lt 2.7.5,1 ruby30 ge 3.0.0,1 lt 3.0.3,1 rubygem-date lt 3.2.1 CVE-2021-41817 https://www.ruby-lang.org/en/news/2021/11/15/date-parsing-method-regexp-dos-cve-2021-41817/

6916ea94-4628-11ec-bbe2-0800270512f4

rubygem-date -- Regular Expression Denial of Service Vunlerability of Date Parsing Methods

Stanislav Valkanov reports:

Date's parsing methods including Date.parse are using Regexps internally, some of which are vulnerable against regular expression denial of service. Applications and libraries that apply such methods to untrusted input may be affected.

Discovery 2021-11-15
Entry 2021-11-15
Modified 2021-11-24
ruby

ge 2.6.0,1 lt 2.6.9,1

ge 2.7.0,1 lt 2.7.5,1

ge 3.0.0,1 lt 3.0.3,1

ruby26

ge 2.6.0,1 lt 2.6.9,1

ruby27

ge 2.7.0,1 lt 2.7.5,1

ruby30

ge 3.0.0,1 lt 3.0.3,1

rubygem-date

lt 3.2.1

CVE-2021-41817
https://www.ruby-lang.org/en/news/2021/11/15/date-parsing-method-regexp-dos-cve-2021-41817/