EulerOS Virtualization 2.10.0 : yajl (EulerOS-SA-2026-1204)

According to the versions of the yajl package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : In the yajl-ruby gem 1.3.0 for Ruby, when a crafted JSON file is supplied to Yajl::Parser.new.parse, the whole ruby process crashes wi...

PT-2017-4257 · Ruby +4 · Yajl-Ruby +4

Name of the Vulnerable Software and Affected Versions: yajl-ruby gem version 1.3.0 Description: The issue is related to insufficient processing of a format string in the yajl string decode function of the yajl encode.c component in the YAJL-ruby JSON library. When a crafted JSON file is supplied ...