pkg:freebsd/ruby

Type freebsd

Name ruby

Known advisories, vulnerabilities and fixes for ruby package.

Repository: pkgs.org

Critical 5

High 17

Medium 15

Low 1

None 3

Type	Version	# CVEs	# Advisory ID	Title	Severity	Published
Affected	< 2.7.6,1	CVE-2022-28739	FREEBSD:06ED6A49-BAD4-11EC-9CFE-0800270512F4	Ruby -- Buffer overrun in String-to-Float conversion	high	2022-04-12T00:00:00 (2 years ago)
Affected	> 1.6.*, < 1.6.8.2004.07.28_2	CVE-2005-2337	FREEBSD:1DAEA60A-4719-11DA-B5C6-0004614CC33D	ruby -- vulnerability in the safe level settings	high	2005-10-02T00:00:00 (19 years ago)
Affected	> 1.8.7,1, < 1.8.7.371,1	CVE-2012-4464 CVE-2012-4466	FREEBSD:2A093853-2495-11E2-B0C7-000D601460A4	ruby -- $SAFE escaping vulnerability about Exception#to_s/NameError#to_s	medium	2012-08-21T00:00:00 (12 years ago)
Affected	< 2.7.5,1	CVE-2021-41816	FREEBSD:2C6AF5C3-4D36-11EC-A539-0800270512F4	rubygem-cgi -- buffer overrun in CGI.escape_html	critical	2021-11-24T00:00:00 (2 years ago)
Affected	< 3.1.5,1	CVE-2024-27282	FREEBSD:2CE1A2F1-0177-11EF-A45E-08002784C58D	ruby -- Arbitrary memory address read vulnerability with Regex search		2024-04-23T00:00:00 (4 months ago)
Affected	< 1.8.7.248_3,1	CVE-2010-0541	FREEBSD:34E0316A-AA91-11DF-8C2E-001517289BF8	ruby -- UTF-7 encoding XSS vulnerability in WEBrick	medium	2010-08-16T00:00:00 (14 years ago)
Affected	< 2.0.0.648,1	CVE-2015-7551	FREEBSD:3B50881D-1860-4721-AAB1-503290E23F6C	Ruby -- unsafe tainted string vulnerability	high	2015-12-16T00:00:00 (8 years ago)
Affected	> 1.9.3,1, < 1.9.3.286,1	CVE-2012-4522	FREEBSD:3DECC87D-2498-11E2-B0C7-000D601460A4	ruby -- Unintentional file creation caused by inserting an illegal NUL character	medium	2012-10-12T00:00:00 (12 years ago)
Affected	< 2.6.9,1	CVE-2021-41819	FREEBSD:4548EC97-4D38-11EC-A539-0800270512F4	rubygem-cgi -- cookie prefix spoofing in CGI::Cookie.parse	high	2021-11-24T00:00:00 (2 years ago)
Affected	< 1.8.6.111_3,1	CVE-2008-2726	FREEBSD:53802164-3F7E-11DD-90EA-0019666436C2	ruby -- multiple integer and buffer overflow vulnerabilities	high	2008-06-19T00:00:00 (16 years ago)
Affected	> 1.8.*, < 1.8.2_3	CVE-2005-1992	FREEBSD:594EB447-E398-11D9-A8BD-000CF18BBE54	ruby -- arbitrary command execution on XMLRPC server	high	2005-06-22T00:00:00 (19 years ago)
Affected	< 1.9.3.327	CVE-2012-5371	FREEBSD:5E647CA3-2AEA-11E2-B745-001FD0AF1A4C	ruby -- Hash-flooding DoS vulnerability for ruby 1.9	medium	2012-11-10T00:00:00 (12 years ago)
Affected	< 1.8.7.160_1,1	CVE-2009-1904	FREEBSD:62E0FBE5-5798-11DE-BB78-001CC0377035	ruby -- BigDecimal denial of service vulnerability	medium	2009-06-09T00:00:00 (15 years ago)
Affected	< 2.6.9,1	CVE-2021-41817	FREEBSD:6916EA94-4628-11EC-BBE2-0800270512F4	rubygem-date -- Regular Expression Denial of Service Vunlerability of Date Parsing Methods	high	2021-11-15T00:00:00 (2 years ago)
Affected	< 2.7.8,1	CVE-2023-28756	FREEBSD:6BD2773C-CF1A-11ED-BD44-080027F5FEC9	rubygem-time -- ReDoS vulnerability	medium	2023-03-30T00:00:00 (17 months ago)
Affected	> 1.6., < 1.8.	CVE-2006-3694	FREEBSD:76562594-1F19-11DB-B7D4-0008743BF21A	ruby -- multiple vulnerabilities	medium	2006-07-12T00:00:00 (18 years ago)
Affected	< 2.7.4,1	CVE-2021-31799 CVE-2021-31810 CVE-2021-32066	FREEBSD:7ED5779C-E4C7-11EB-91D7-08002728F74C	Ruby -- multiple vulnerabilities	high	2021-07-07T00:00:00 (3 years ago)
Affected	< 2.1,1		FREEBSD:7FE7DF75-6568-11E6-A590-14DAE9D210B8	End of Life Ports		2016-08-18T00:00:00 (8 years ago)
Affected	< 1.9.3.392,1		FREEBSD:844CF3F5-9259-4B3E-AC9E-13CA17333ED7	ruby -- DoS vulnerability in REXML		2013-02-22T00:00:00 (11 years ago)
Affected	< 2.7.7,1	CVE-2021-33621	FREEBSD:84AB03B6-6C20-11ED-B519-080027F5FEC9	rubygem-cgi -- HTTP response splitting vulnerability	high	2022-11-22T00:00:00 (22 months ago)
Affected	< 1.8.7.357,1	CVE-2011-4815 CVE-2011-4838 CVE-2011-5036 CVE-2011-5037	FREEBSD:91BE81E7-3FEA-11E1-AFC7-2C4138874F7D	Multiple implementations -- DoS via hash algorithm collision	high	2011-12-28T00:00:00 (12 years ago)
Affected	< 1.8.6.111_5,1	CVE-2008-1447	FREEBSD:959D384D-6B59-11DD-9D79-001FC61C2A55	ruby -- DNS spoofing vulnerability	medium	2008-08-08T00:00:00 (16 years ago)
Affected	< 2.2.8	CVE-2017-0898 CVE-2017-10784 CVE-2017-14033 CVE-2017-14064	FREEBSD:95B01379-9D52-11E7-A25C-471BAFC3262F	ruby -- multiple vulnerabilities	critical	2017-09-14T00:00:00 (7 years ago)
Affected	< 2.7.8,1	CVE-2023-28755	FREEBSD:9B60BBA1-CF18-11ED-BD44-080027F5FEC9	rubygem-uri -- ReDoS vulnerability	medium	2023-03-28T00:00:00 (17 months ago)
Affected	< 1.8.5_5,1	CVE-2006-6303	FREEBSD:A8674C14-83D7-11DB-88D5-0012F06707F0	ruby -- cgi.rb library Denial of Service	medium	2006-12-04T00:00:00 (18 years ago)
Affected	< 1.8.5_4,1	CVE-2006-5467	FREEBSD:AB8DBE98-6BE4-11DB-AE91-0012F06707F0	ruby -- cgi.rb library Denial of Service	medium	2006-10-25T00:00:00 (18 years ago)
Affected	< 2.3.8,1	CVE-2018-16395 CVE-2018-16396	FREEBSD:AFC60484-0652-440E-B01A-5EF814747F06	ruby -- multiple vulnerabilities	critical	2018-10-17T00:00:00 (6 years ago)
Affected	< 1.8.6.287,1	CVE-2008-3655 CVE-2008-3656 CVE-2008-3905	FREEBSD:C329712A-6B5B-11DD-9D79-001FC61C2A55	ruby -- multiple vulnerabilities in safe level	high	2008-08-08T00:00:00 (16 years ago)
Affected	< 1.9.3.385,1	CVE-2013-0269	FREEBSD:C79EB109-A754-45D7-B552-A42099EB2265	Ruby -- Denial of Service and Unsafe Object Creation Vulnerability in JSON	high	2013-02-11T00:00:00 (11 years ago)
Affected	< 1.9.3.385,1	CVE-2013-0256	FREEBSD:D3E96508-056B-4259-88AD-50DC8D1978A6	Ruby -- XSS exploit of RDoc documentation generated by rdoc	medium	2013-02-06T00:00:00 (11 years ago)
Affected	< 2.0.0.645,1 < 2.1.6,1 < 2.2.2,1	CVE-2015-1855	FREEBSD:D4379F59-3E9B-49EB-933B-61DE4D0B0FDB	Ruby -- OpenSSL Hostname Verification Vulnerability	medium	2015-04-13T00:00:00 (9 years ago)
Affected	> 1.7.*, < 1.8.2.p2_2	CVE-2004-0983	FREEBSD:D656296B-33FF-11D9-A9E7-0001020EED82	ruby -- CGI DoS	medium	2004-11-06T00:00:00 (20 years ago)
Affected	< 2.2.9,1	CVE-2017-17405	FREEBSD:DD644964-E10E-11E7-8097-0800271D4B9C	ruby -- Command injection vulnerability in Net::FTP	high	2017-12-14T00:00:00 (6 years ago)
Affected	< 2.5.9,1	CVE-2021-28965	FREEBSD:DEC7E4B6-961A-11EB-9C34-080027F515EA	ruby -- XML round-trip vulnerability in REXML	high	2021-04-05T00:00:00 (3 years ago)
Affected	< 1.6.8.2004.07.26	CVE-2004-0755	FREEBSD:E811AAF1-F015-11D8-876F-00902714CC7C	Ruby insecure file permissions in the CGI session management	low	2004-08-16T00:00:00 (20 years ago)
Affected	< 1.9.1.376,1	CVE-2009-4124	FREEBSD:EAB8C3BD-E50C-11DE-9CD0-001A926C7637	ruby -- heap overflow vulnerability	high	2009-11-30T00:00:00 (15 years ago)
Affected	< 2.3.7,1	CVE-2017-17742 CVE-2018-6914 CVE-2018-8777 CVE-2018-8778 CVE-2018-8779 CVE-2018-8780	FREEBSD:EB69BCF2-18EF-4AA2-BB0C-83B263364089	ruby -- multiple vulnerabilities	critical	2018-03-28T00:00:00 (6 years ago)
Affected	< 2.4.7,1	CVE-2012-6708 CVE-2015-9251	FREEBSD:ED8D5535-CA78-11E9-980B-999FF59C22EA	RDoc -- multiple jQuery vulnerabilities	medium	2019-08-28T00:00:00 (5 years ago)
Affected	< 3.0.4,1	CVE-2022-28738	FREEBSD:F22144D7-BAD1-11EC-9CFE-0800270512F4	Ruby -- Double free in Regexp compilation	critical	2022-04-12T00:00:00 (2 years ago)
Affected	< 1.8.6.111_5,1	CVE-2008-3655 CVE-2008-3656 CVE-2008-3905	FREEBSD:F7BA20AA-6B5A-11DD-9D79-001FC61C2A55	ruby -- DoS vulnerability in WEBrick	high	2008-08-08T00:00:00 (16 years ago)
Affected	< 2.4.9,1	CVE-2019-15845 CVE-2019-16201 CVE-2019-16254 CVE-2019-16255	FREEBSD:F7FCB75C-E537-11E9-863E-B9B7AF01BA9E	ruby -- multiple vulnerabilities	high	2019-10-01T00:00:00 (5 years ago)