vulnerability

FreeBSD: VID-6916ea94-4628-11ec-bbe2-0800270512f4 (CVE-2021-41817): rubygem-date -- Regular Expression Denial of Service Vunlerability of Date Parsing Methods

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:N/AC:L/Au:N/C:N/I:N/A:P)	Nov 15, 2021	Nov 4, 2022	Dec 10, 2025

Severity

CVSS

(AV:N/AC:L/Au:N/C:N/I:N/A:P)

Published

Nov 15, 2021

Added

Nov 4, 2022

Modified

Dec 10, 2025

Description

Stanislav Valkanov reports: Date's parsing methods including Date.parse are using Regexps internally, some of which are vulnerable against regular expression denial of service. Applications and libraries that apply such methods to untrusted input may be affected.

Solutions

freebsd-upgrade-package-rubyfreebsd-upgrade-package-ruby26freebsd-upgrade-package-ruby27freebsd-upgrade-package-ruby30freebsd-upgrade-package-rubygem-date

References

CVE-2021-41817
https://attackerkb.com/topics/CVE-2021-41817
CWE-1333

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today