pkg:freebsd/ruby
Type
freebsd
Name
ruby
Known advisories, vulnerabilities and fixes for ruby package.
- Repository
- pkgs.org
Critical
5
High
17
Medium
15
Low
1
None
3
Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
---|---|---|---|---|---|---|---|
Affected | < 2.7.6,1 |
CVE-2022-28739
|
FREEBSD:06ED6A49-BAD4-11EC-9CFE-0800270512F4 | Ruby -- Buffer overrun in String-to-Float conversion | high |
2022-04-12T00:00:00
(2 years ago) |
|
Affected | > 1.6.*, < 1.6.8.2004.07.28_2 |
CVE-2005-2337
|
FREEBSD:1DAEA60A-4719-11DA-B5C6-0004614CC33D | ruby -- vulnerability in the safe level settings | high |
2005-10-02T00:00:00
(19 years ago) |
|
Affected | > 1.8.7,1, < 1.8.7.371,1 |
CVE-2012-4464
CVE-2012-4466 |
FREEBSD:2A093853-2495-11E2-B0C7-000D601460A4 | ruby -- $SAFE escaping vulnerability about Exception#to_s/NameError#to_s | medium |
2012-08-21T00:00:00
(12 years ago) |
|
Affected | < 2.7.5,1 |
CVE-2021-41816
|
FREEBSD:2C6AF5C3-4D36-11EC-A539-0800270512F4 | rubygem-cgi -- buffer overrun in CGI.escape_html | critical |
2021-11-24T00:00:00
(2 years ago) |
|
Affected | < 3.1.5,1 |
CVE-2024-27282
|
FREEBSD:2CE1A2F1-0177-11EF-A45E-08002784C58D | ruby -- Arbitrary memory address read vulnerability with Regex search |
2024-04-23T00:00:00
(4 months ago) |
||
Affected | < 1.8.7.248_3,1 |
CVE-2010-0541
|
FREEBSD:34E0316A-AA91-11DF-8C2E-001517289BF8 | ruby -- UTF-7 encoding XSS vulnerability in WEBrick | medium |
2010-08-16T00:00:00
(14 years ago) |
|
Affected | < 2.0.0.648,1 |
CVE-2015-7551
|
FREEBSD:3B50881D-1860-4721-AAB1-503290E23F6C | Ruby -- unsafe tainted string vulnerability | high |
2015-12-16T00:00:00
(8 years ago) |
|
Affected | > 1.9.3,1, < 1.9.3.286,1 |
CVE-2012-4522
|
FREEBSD:3DECC87D-2498-11E2-B0C7-000D601460A4 | ruby -- Unintentional file creation caused by inserting an illegal NUL character | medium |
2012-10-12T00:00:00
(12 years ago) |
|
Affected | < 2.6.9,1 |
CVE-2021-41819
|
FREEBSD:4548EC97-4D38-11EC-A539-0800270512F4 | rubygem-cgi -- cookie prefix spoofing in CGI::Cookie.parse | high |
2021-11-24T00:00:00
(2 years ago) |
|
Affected | < 1.8.6.111_3,1 |
CVE-2008-2726
|
FREEBSD:53802164-3F7E-11DD-90EA-0019666436C2 | ruby -- multiple integer and buffer overflow vulnerabilities | high |
2008-06-19T00:00:00
(16 years ago) |
|
Affected | > 1.8.*, < 1.8.2_3 |
CVE-2005-1992
|
FREEBSD:594EB447-E398-11D9-A8BD-000CF18BBE54 | ruby -- arbitrary command execution on XMLRPC server | high |
2005-06-22T00:00:00
(19 years ago) |
|
Affected | < 1.9.3.327 |
CVE-2012-5371
|
FREEBSD:5E647CA3-2AEA-11E2-B745-001FD0AF1A4C | ruby -- Hash-flooding DoS vulnerability for ruby 1.9 | medium |
2012-11-10T00:00:00
(12 years ago) |
|
Affected | < 1.8.7.160_1,1 |
CVE-2009-1904
|
FREEBSD:62E0FBE5-5798-11DE-BB78-001CC0377035 | ruby -- BigDecimal denial of service vulnerability | medium |
2009-06-09T00:00:00
(15 years ago) |
|
Affected | < 2.6.9,1 |
CVE-2021-41817
|
FREEBSD:6916EA94-4628-11EC-BBE2-0800270512F4 | rubygem-date -- Regular Expression Denial of Service Vunlerability of Date Parsing Methods | high |
2021-11-15T00:00:00
(2 years ago) |
|
Affected | < 2.7.8,1 |
CVE-2023-28756
|
FREEBSD:6BD2773C-CF1A-11ED-BD44-080027F5FEC9 | rubygem-time -- ReDoS vulnerability | medium |
2023-03-30T00:00:00
(17 months ago) |
|
Affected | > 1.6.*, < 1.8.* |
CVE-2006-3694
|
FREEBSD:76562594-1F19-11DB-B7D4-0008743BF21A | ruby -- multiple vulnerabilities | medium |
2006-07-12T00:00:00
(18 years ago) |
|
Affected | < 2.7.4,1 |
CVE-2021-31799
CVE-2021-31810 CVE-2021-32066 |
FREEBSD:7ED5779C-E4C7-11EB-91D7-08002728F74C | Ruby -- multiple vulnerabilities | high |
2021-07-07T00:00:00
(3 years ago) |
|
Affected | < 2.1,1 | FREEBSD:7FE7DF75-6568-11E6-A590-14DAE9D210B8 | End of Life Ports |
2016-08-18T00:00:00
(8 years ago) |
|||
Affected | < 1.9.3.392,1 | FREEBSD:844CF3F5-9259-4B3E-AC9E-13CA17333ED7 | ruby -- DoS vulnerability in REXML |
2013-02-22T00:00:00
(11 years ago) |
|||
Affected | < 2.7.7,1 |
CVE-2021-33621
|
FREEBSD:84AB03B6-6C20-11ED-B519-080027F5FEC9 | rubygem-cgi -- HTTP response splitting vulnerability | high |
2022-11-22T00:00:00
(22 months ago) |
|
Affected | < 1.8.7.357,1 |
CVE-2011-4815
CVE-2011-4838 CVE-2011-5036 CVE-2011-5037 |
FREEBSD:91BE81E7-3FEA-11E1-AFC7-2C4138874F7D | Multiple implementations -- DoS via hash algorithm collision | high |
2011-12-28T00:00:00
(12 years ago) |
|
Affected | < 1.8.6.111_5,1 |
CVE-2008-1447
|
FREEBSD:959D384D-6B59-11DD-9D79-001FC61C2A55 | ruby -- DNS spoofing vulnerability | medium |
2008-08-08T00:00:00
(16 years ago) |
|
Affected | < 2.2.8 |
CVE-2017-0898
CVE-2017-10784 CVE-2017-14033 CVE-2017-14064 |
FREEBSD:95B01379-9D52-11E7-A25C-471BAFC3262F | ruby -- multiple vulnerabilities | critical |
2017-09-14T00:00:00
(7 years ago) |
|
Affected | < 2.7.8,1 |
CVE-2023-28755
|
FREEBSD:9B60BBA1-CF18-11ED-BD44-080027F5FEC9 | rubygem-uri -- ReDoS vulnerability | medium |
2023-03-28T00:00:00
(17 months ago) |
|
Affected | < 1.8.5_5,1 |
CVE-2006-6303
|
FREEBSD:A8674C14-83D7-11DB-88D5-0012F06707F0 | ruby -- cgi.rb library Denial of Service | medium |
2006-12-04T00:00:00
(18 years ago) |
|
Affected | < 1.8.5_4,1 |
CVE-2006-5467
|
FREEBSD:AB8DBE98-6BE4-11DB-AE91-0012F06707F0 | ruby -- cgi.rb library Denial of Service | medium |
2006-10-25T00:00:00
(18 years ago) |
|
Affected | < 2.3.8,1 |
CVE-2018-16395
CVE-2018-16396 |
FREEBSD:AFC60484-0652-440E-B01A-5EF814747F06 | ruby -- multiple vulnerabilities | critical |
2018-10-17T00:00:00
(6 years ago) |
|
Affected | < 1.8.6.287,1 |
CVE-2008-3655
CVE-2008-3656 CVE-2008-3905 |
FREEBSD:C329712A-6B5B-11DD-9D79-001FC61C2A55 | ruby -- multiple vulnerabilities in safe level | high |
2008-08-08T00:00:00
(16 years ago) |
|
Affected | < 1.9.3.385,1 |
CVE-2013-0269
|
FREEBSD:C79EB109-A754-45D7-B552-A42099EB2265 | Ruby -- Denial of Service and Unsafe Object Creation Vulnerability in JSON | high |
2013-02-11T00:00:00
(11 years ago) |
|
Affected | < 1.9.3.385,1 |
CVE-2013-0256
|
FREEBSD:D3E96508-056B-4259-88AD-50DC8D1978A6 | Ruby -- XSS exploit of RDoc documentation generated by rdoc | medium |
2013-02-06T00:00:00
(11 years ago) |
|
Affected | < 2.0.0.645,1 < 2.1.6,1 < 2.2.2,1 |
CVE-2015-1855
|
FREEBSD:D4379F59-3E9B-49EB-933B-61DE4D0B0FDB | Ruby -- OpenSSL Hostname Verification Vulnerability | medium |
2015-04-13T00:00:00
(9 years ago) |
|
Affected | > 1.7.*, < 1.8.2.p2_2 |
CVE-2004-0983
|
FREEBSD:D656296B-33FF-11D9-A9E7-0001020EED82 | ruby -- CGI DoS | medium |
2004-11-06T00:00:00
(20 years ago) |
|
Affected | < 2.2.9,1 |
CVE-2017-17405
|
FREEBSD:DD644964-E10E-11E7-8097-0800271D4B9C | ruby -- Command injection vulnerability in Net::FTP | high |
2017-12-14T00:00:00
(6 years ago) |
|
Affected | < 2.5.9,1 |
CVE-2021-28965
|
FREEBSD:DEC7E4B6-961A-11EB-9C34-080027F515EA | ruby -- XML round-trip vulnerability in REXML | high |
2021-04-05T00:00:00
(3 years ago) |
|
Affected | < 1.6.8.2004.07.26 |
CVE-2004-0755
|
FREEBSD:E811AAF1-F015-11D8-876F-00902714CC7C | Ruby insecure file permissions in the CGI session management | low |
2004-08-16T00:00:00
(20 years ago) |
|
Affected | < 1.9.1.376,1 |
CVE-2009-4124
|
FREEBSD:EAB8C3BD-E50C-11DE-9CD0-001A926C7637 | ruby -- heap overflow vulnerability | high |
2009-11-30T00:00:00
(15 years ago) |
|
Affected | < 2.3.7,1 |
CVE-2017-17742
CVE-2018-6914 CVE-2018-8777 CVE-2018-8778 CVE-2018-8779 CVE-2018-8780 |
FREEBSD:EB69BCF2-18EF-4AA2-BB0C-83B263364089 | ruby -- multiple vulnerabilities | critical |
2018-03-28T00:00:00
(6 years ago) |
|
Affected | < 2.4.7,1 |
CVE-2012-6708
CVE-2015-9251 |
FREEBSD:ED8D5535-CA78-11E9-980B-999FF59C22EA | RDoc -- multiple jQuery vulnerabilities | medium |
2019-08-28T00:00:00
(5 years ago) |
|
Affected | < 3.0.4,1 |
CVE-2022-28738
|
FREEBSD:F22144D7-BAD1-11EC-9CFE-0800270512F4 | Ruby -- Double free in Regexp compilation | critical |
2022-04-12T00:00:00
(2 years ago) |
|
Affected | < 1.8.6.111_5,1 |
CVE-2008-3655
CVE-2008-3656 CVE-2008-3905 |
FREEBSD:F7BA20AA-6B5A-11DD-9D79-001FC61C2A55 | ruby -- DoS vulnerability in WEBrick | high |
2008-08-08T00:00:00
(16 years ago) |
|
Affected | < 2.4.9,1 |
CVE-2019-15845
CVE-2019-16201 CVE-2019-16254 CVE-2019-16255 |
FREEBSD:F7FCB75C-E537-11E9-863E-B9B7AF01BA9E | ruby -- multiple vulnerabilities | high |
2019-10-01T00:00:00
(5 years ago) |