Lucene search
K

6 matches found

OSV
OSV
added 2026/07/01 12:16 a.m.4 views

UBUNTU-CVE-2026-54903

Oj Optimized JSON is a JSON parser and Object marshaller packaged as a Ruby gem. In versions prior to 3.17.2, Oj.load is vulnerable to heap corruption when parsing a JSON string longer than 2 GB. An integer overflow in bufappendstring buf.h:61 converts the string length to a large negative sizet,...

6.3CVSS5.8AI score0.00253EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.7 views

PT-2026-51887

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A double-free flaw exists in the Transparent Inter-Process Communication TIPC module. The issue occurs within the tipc buf append function when it incorrectly handles memory after a sock...

9.8CVSS6.2AI score0.00351EPSS
Exploits0References90
OSV
OSV
added 2026/06/19 8:47 p.m.5 views

GHSA-475M-PH3X-64GP Oj: Integer Overflow in Oj.load 2GB String Handling

Summary Oj.load is vulnerable to heap corruption when parsing a JSON string longer than 2 GB. An integer overflow in bufappendstring buf.h:61 converts the string length to a large negative sizet, causing memcpy to copy an astronomically large amount of data out of bounds. This crashes the process...

8.7CVSS5.9AI score0.00253EPSS
Exploits0References2
RubySec
RubySec
added 2026/06/19 12:0 a.m.5 views

Oj - Integer Overflow in Oj.load 2GB String Handling

Summary Oj.load is vulnerable to heap corruption when parsing a JSON string longer than 2 GB. An integer overflow in bufappendstring buf.h:61 converts the string length to a large negative sizet, causing memcpy to copy an astronomically large amount of data out of bounds. This crashes the process...

6.3CVSS5.9AI score0.00253EPSS
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/10/07 12:0 a.m.3 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986606)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986606 advisory. In the Linux kernel, the following vulnerability has been resolved: tipc: fix a possible memleak in tipcbufappend skblinearize doesn't free the skb when it fails, so...

5.5CVSS6.2AI score0.00249EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2025/02/19 1:0 a.m.5 views

kernel: tipc: fix a possible memleak in tipc_buf_append

In the Linux kernel, the following vulnerability has been resolved: tipc: fix a possible memleak in tipcbufappend skblinearize doesn't free the skb when it fails, so move 'buf = NULL' after skblinearize, so that the skb can be freed on the err path...

5.5CVSS6.8AI score0.00249EPSS
Exploits0References5
Rows per page
Query Builder