16 matches found
CVE-2026-54896
Oj Optimized JSON is a JSON parser and Object marshaller packaged as a Ruby gem. In versions prior to 3.17.2, when in object mode, Oj.dump is vulnerable to a heap buffer overflow when serializing Exception objects with a large :indent value. The serializer allocates a buffer sized for the object'...
CVE-2026-54896 Oj: Heap Buffer Overflow in Oj.dump Exception Serialization via Large Indent
Oj Optimized JSON is a JSON parser and Object marshaller packaged as a Ruby gem. In versions prior to 3.17.2, when in object mode, Oj.dump is vulnerable to a heap buffer overflow when serializing Exception objects with a large :indent value. The serializer allocates a buffer sized for the object'...
CVE-2026-54502
Oj Optimized JSON is a JSON parser and Object marshaller packaged as a Ruby gem. In versions prior to 3.17.2, Oj.dump is vulnerable to a stack-based buffer overflow when a large :indent value is provided by the developer. fill_indent in dump.h calls memset(indentstr, ' ', (size_t)opts->indent) without...
Oj: Heap Buffer Overflow in Oj.dump Exception Serialization via Large Indent
Summary: Oj.dump in object mode is vulnerable to a heap buffer overflow when serializing Exception objects with a large :indent value. The serializer allocates a buffer sized for the object's attributes but does not account for the indent bytes added on each write. With indent: 5000, the...
GHSA-35W3-PJM6-WJ95 Oj: Heap Buffer Overflow in Oj.dump Exception Serialization via Large Indent
Summary: Oj.dump in object mode is vulnerable to a heap buffer overflow when serializing Exception objects with a large :indent value. The serializer allocates a buffer sized for the object's attributes but does not account for the indent bytes added on each write. With indent: 5000, the...
Oj: Stack Buffer Overflow in Oj.dump via Large Indent
Summary: Oj.dump is vulnerable to a stack-based buffer overflow when a large :indent value is provided by the developer. fill_indent in dump.h calls memset(indentstr, ' ', (size_t)opts->indent) without validating the size. When opts->indent is set to INT_MAX (2,147,483,647), the size_t cast preserves the larg...
GHSA-3V45-F3VH-WG7M Oj: Stack Buffer Overflow in Oj.dump via Large Indent
Summary: Oj.dump is vulnerable to a stack-based buffer overflow when a large :indent value is provided by the developer. fill_indent in dump.h calls memset(indentstr, ' ', (size_t)opts->indent) without validating the size. When opts->indent is set to INT_MAX (2,147,483,647), the size_t cast preserves the larg...
Stack-based Buffer Overflow
Overview: Affected versions of this package are vulnerable to Stack-based Buffer Overflow via the fill_indent function when a very large value is provided to the indent option. An attacker can cause a crash by supplying an excessively large integer value, resulting in a stack buffer overflow during...
Oj - Stack Buffer Overflow in Oj.dump via Large Indent
Summary: Oj.dump is vulnerable to a stack-based buffer overflow when a large :indent value is provided by the developer. fill_indent in dump.h calls memset(indentstr, ' ', (size_t)opts->indent) without validating the size. When opts->indent is set to INT_MAX (2,147,483,647), the size_t cast preserves the larg...
Oj - Heap Buffer Overflow in Oj.dump Exception Serialization via Large Indent
Summary: Oj.dump in object mode is vulnerable to a heap buffer overflow when serializing Exception objects with a large :indent value. The serializer allocates a buffer sized for the object's attributes but does not account for the indent bytes added on each write. With indent: 5000, the...
MGASA-2026-0073 Updated python-ujson packages fix security vulnerabilities
CVE-2026-32874: ujson 5.4.0 to 5.11.0 inclusive contains an accumulating memory leak in JSON parsing large (outside of the range [-2^63, 2^64 - 1]) integers. ujson 5.4.0 to 5.11.0 has an integer overflow while handling a large indent which leads to a buffer overflow or infinite loop...
UBUNTU-CVE-2026-32875
UltraJSON is a fast JSON encoder and decoder written in pure C with bindings for Python 3.7+. Versions 5.10 through 5.11.0 are vulnerable to buffer overflow or infinite loop through large indent handling. ujson.dumps crashes the Python interpreter (segmentation fault) when the product of the indent...
CVE-2026-32875 UltraJSON has an integer overflow handling large indent leads to buffer overflow or infinite loop
UltraJSON is a fast JSON encoder and decoder written in pure C with bindings for Python 3.7+. Versions 5.10 through 5.11.0 are vulnerable to buffer overflow or infinite loop through large indent handling. ujson.dumps crashes the Python interpreter (segmentation fault) when the product of the indent...
CVE-2026-32875
UltraJSON is a fast JSON encoder and decoder written in pure C with bindings for Python 3.7+. Versions 5.10 through 5.11.0 are vulnerable to buffer overflow or infinite loop through large indent handling. ujson.dumps crashes the Python interpreter (segmentation fault) when the product of the indent...
CVE-2026-32875 UltraJSON has an integer overflow handling large indent leads to buffer overflow or infinite loop
UltraJSON is a fast JSON encoder and decoder written in pure C with bindings for Python 3.7+. Versions 5.10 through 5.11.0 are vulnerable to buffer overflow or infinite loop through large indent handling. ujson.dumps crashes the Python interpreter (segmentation fault) when the product of the indent...
UltraJSON has an integer overflow handling large indent leads to buffer overflow or infinite loop
Summary: ujson.dumps crashes the Python interpreter (segmentation fault) when the product of the indent parameter and the nested depth of the input exceeds INT32_MAX. It can also get stuck in an infinite loop if the indent is a large negative number. Both are caused by an integer overflow/underflow...