Lucene search

CVE-2020-10663

🗓️ 28 Apr 2020 21:11:15Reported by [email protected]Type

JSON gem for Ruby 2.4-2.6 Unsafe Object Creation Vulnerabilit

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 199
Tenable Nessus	FreeBSD : rubygem-json -- Unsafe Objection Creation Vulnerability in JSON (Additional fix) (40194e1c-6d89-11ea-8082-80ee73419af3)	26 Mar 202000:00	–	nessus
Tenable Nessus	Rocky Linux 8 : pcs (RLSA-2020:2462)	9 Feb 202200:00	–	nessus
Tenable Nessus	Amazon Linux AMI : rubygem-json (ALAS-2020-1423)	31 Aug 202000:00	–	nessus
Tenable Nessus	Linux Distros Unpatched Vulnerability : CVE-2020-10663	4 Mar 202500:00	–	nessus
Tenable Nessus	Debian DLA-2192-1 : ruby2.1 security update	1 May 202000:00	–	nessus
Tenable Nessus	Amazon Linux AMI : ruby19, ruby21 (ALAS-2020-1426)	31 Aug 202000:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP2 : ruby (EulerOS-SA-2020-1686)	17 Jun 202000:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP8 : ruby (EulerOS-SA-2020-1590)	26 May 202000:00	–	nessus
Tenable Nessus	EulerOS Virtualization for ARM 64 3.0.6.0 : ruby (EulerOS-SA-2020-1691)	25 Jun 202000:00	–	nessus
Tenable Nessus	Amazon Linux AMI : ruby20 (ALAS-2020-1416)	13 Aug 202000:00	–	nessus

Nvd

Node

json_project jsonRange≤2.2.0ruby

AND

ruby-lang rubyRange2.4.0–2.4.9

ruby-lang rubyRange2.5.0–2.5.7

ruby-lang rubyRange2.6.0–2.6.5

Node

fedoraproject fedoraMatch30

fedoraproject fedoraMatch31

Node

opensuse leapMatch15.1

Node

debian debian_linuxMatch8.0

debian debian_linuxMatch10.0

Node

apple macosMatch11.0.1

Source	Link
lists	www.lists.apache.org/thread.html/r3b04f4e99a19613f88ae088aa18cd271231a3c79dfff8f5efa8cda61%40%3Cissues.zookeeper.apache.org%3E
support	www.support.apple.com/kb/HT211931
lists	www.lists.apache.org/thread.html/r37c0e1807da7ff2bdd028bbe296465a6bbb99e2320dbe661d5d8b33b%40%3Cissues.zookeeper.apache.org%3E
security	www.security.netapp.com/advisory/ntap-20210129-0003/
ruby-lang	www.ruby-lang.org/en/news/2020/03/19/json-dos-cve-2020-10663/
lists	www.lists.apache.org/thread.html/rb2b981912446a74e14fe6076c4b7c7d8502727ea0718e6a65a9b1be5%40%3Cissues.zookeeper.apache.org%3E
debian	www.debian.org/security/2020/dsa-4721
seclists	www.seclists.org/fulldisclosure/2020/Dec/32
lists	www.lists.apache.org/thread.html/ree3abcd33c06ee95ab59faa1751198a1186d8941ddc2c2562c12966c%40%3Cissues.zookeeper.apache.org%3E
lists	www.lists.apache.org/thread.html/r5f17bfca1d6e7f4b33ae978725b2fd62a9f1b3111696eafa9add802d%40%3Cissues.zookeeper.apache.org%3E

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

28 Apr 2020 21:15Current

7.6High risk

Vulners AI Score7.6

CVSS25

CVSS37.5

EPSS0.10014

CWE-20