Lucene search
RubySecRUBY:JSON-2013-0269-101137HistoryFeb 11, 2013 - 8:00 p.m.
CVE-2013-0269 rubygem-json: Denial of Service and SQL Injection
2013-02-1120:00:00
RubySec
rubysec.com
14
The JSON gem before 1.5.5, 1.6.x before 1.6.8, and 1.7.x before 1.7.7
for Ruby allows remote attackers to cause a denial of service (resource consumption)
or bypass the mass assignment protection mechanism via a crafted JSON document that
triggers the creation of arbitrary Ruby symbols or certain internal objects, as
demonstrated by conducting a SQL injection attack against Ruby on Rails, aka “Unsafe
Object Creation Vulnerability.”
References
Related
fedora
fedora
[SECURITY] Fedora 18 Update: rubygem-json-1.6.8-1.fc18
2013-03-05 23:31:15
[SECURITY] Fedora 17 Update: rubygem-json-1.6.8-1.fc17
2013-03-05 23:33:55
nessus
nessus
FreeBSD : Ruby -- Denial of Service and Unsafe Object Creation Vulnerability in JSON (c79eb109-a754-45d7-b552-a42099eb2265)
2013-02-18 00:00:00
Fedora 18 : rubygem-json-1.6.8-1.fc18 (2013-3052)
2013-03-06 00:00:00
Fedora 17 : rubygem-json-1.6.8-1.fc17 (2013-3050)
2013-03-06 00:00:00
debiancve
debiancve
CVE-2013-0269
2013-02-13 01:55:00
CVE-2020-10663
2020-04-28 21:15:00
ubuntucve
ubuntucve
CVE-2013-0269
2013-02-12 00:00:00
CVE-2020-10663
2020-04-28 00:00:00
openvas
openvas
Fedora Update for rubygem-json FEDORA-2013-3052
2013-03-08 00:00:00
Fedora Update for rubygem-json FEDORA-2013-3052
2013-03-08 00:00:00
Fedora Update for rubygem-json FEDORA-2013-3050
2013-03-08 00:00:00
freebsd
freebsd
prion
prion
Sql injection
2013-02-13 01:55:00
Design/Logic Flaw
2020-04-28 21:15:00
suse
suse
Security update for rubygem-json_pure (important)
2013-04-09 19:04:58
Security update for rubygem-json_pure (important)
2013-04-03 20:08:23
Security update for rubygem-extlib (important)
2013-04-03 20:10:37
osv
osv
JSON gem has Improper Input Validation vulnerability
2017-10-24 18:33:37
CVE-2020-10663
2020-04-28 21:15:11
Unsafe object creation in json RubyGem
2020-07-27 18:08:21
cve
cve
CVE-2013-0269
2013-02-13 01:55:00
CVE-2020-10663
2020-04-28 21:15:00
github
github
JSON gem has Improper Input Validation vulnerability
2017-10-24 18:33:37
Unsafe object creation in json RubyGem
2020-07-27 18:08:21
debian
debian
[SECURITY] [DLA 215-1] libjson-ruby security update
2015-04-30 16:34:41
[SECURITY] [DLA 2192-1] ruby2.1 security update
2020-04-30 22:01:47
[SECURITY] [DLA 263-1] ruby1.9.1 security update
2015-07-01 10:09:26
hackerone
hackerone
rubygems
rubygems
Unsafe Object Creation Vulnerability in JSON (Additional fix)
2020-03-18 21:00:00
json Gem for Ruby Unsafe Object Creation Vulnerability (additional fix)
2020-03-18 21:00:00
alpinelinux
alpinelinux
CVE-2020-10663
2020-04-28 21:15:00
redhatcve
redhatcve
CVE-2020-10663
2020-04-24 04:33:39
amazon
amazon
Medium: ruby19, ruby21
2020-08-26 23:10:00
Medium: rubygem-json
2020-08-26 23:09:00
Medium: ruby20
2020-08-10 23:07:00
slackware
slackware
ruby
2013-03-16 01:11:53
redhat
redhat
(RHSA-2013:0701) Moderate: ruby193-ruby, rubygem-json and rubygem-rdoc security update
2013-04-02 00:00:00
(RHSA-2013:1185) Important: Red Hat JBoss Fuse 6.0.0 patch 2
2013-08-29 00:00:00
(RHSA-2013:1028) Important: Fuse ESB Enterprise 7.1.0 update
2013-07-09 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-03-23 03:14:43
Arbitrary Code Execution
2019-05-02 04:44:25
Input Validation Bypass
2019-05-02 04:44:16
securityvulns
securityvulns
[USN-1733-1] Ruby vulnerabilities
2013-02-24 00:00:00
Ruby multiple security vulnerabilities
2013-02-24 00:00:00
threatpost
threatpost
Ruby on Rails Patches DoS, Remote Execution Flaws
2013-02-13 17:51:57
ubuntu
ubuntu
Ruby vulnerabilities
2013-02-21 00:00:00
gentoo
gentoo
Ruby: Denial of service
2014-12-13 00:00:00
Related for RUBY:JSON-2013-0269-101137