Lucene search
K

6 matches found

Tenable Nessus
Tenable Nessus
added 3 days ago2 views

Linux Distros Unpatched Vulnerability : CVE-2026-54900

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Oj Optimized JSON is a JSON parser and Object marshaller packaged as a Ruby gem. In versions prior to 3.17.2, when in usual mode with createid enabled,...

6.3CVSS6AI score0.00253EPSS
Exploits0References3
Cvelist
Cvelist
added 5 days ago32 views

CVE-2026-54900 Oj: Negative-Size memcpy in Oj::Parser create_id Attribute Handling

Oj Optimized JSON is a JSON parser and Object marshaller packaged as a Ruby gem. In versions prior to 3.17.2, when in usual mode with createid enabled, Oj::Parserparse is vulnerable to heap corruption via a negative-size memcpy. When a JSON object key is exactly 65,535 bytes long, an integer...

6.3CVSS0.00253EPSS
Exploits0References1
Debian CVE
Debian CVE
added 5 days ago4 views

CVE-2026-54900

Oj Optimized JSON is a JSON parser and Object marshaller packaged as a Ruby gem. In versions prior to 3.17.2, when in usual mode with createid enabled, Oj::Parserparse is vulnerable to heap corruption via a negative-size memcpy. When a JSON object key is exactly 65,535 bytes long, an integer...

6.3CVSS5.7AI score0.00253EPSS
Exploits0
Github Security Blog
Github Security Blog
added 2026/06/19 8:47 p.m.7 views

Oj: Negative-Size memcpy in Oj::Parser create_id Attribute Handling

Summary Oj::Parserparse in usual mode with createid enabled is vulnerable to heap corruption via a negative-size memcpy. When a JSON object key is exactly 65,535 bytes long, an integer truncation in formattr usual.c:63 converts the length to -1 before passing it to memcpy. This causes memcpy to...

6.3CVSS5.9AI score0.00253EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.11 views

PT-2026-51086

Name of the Vulnerable Software and Affected Versions Oj versions prior to 3.17.2 Description When operating in usual mode with create id enabled, the Oj::Parserparse function is susceptible to heap corruption. This occurs when a JSON object key is exactly 65,535 bytes long, leading to an integer...

8.7CVSS5.8AI score0.00253EPSS
Exploits0References4
RubySec
RubySec
added 2026/06/19 12:0 a.m.5 views

Oj - Negative-Size memcpy in 'Oj::Parser' create_id Attribute Handling

Summary Oj::Parserparse in usual mode with createid enabled is vulnerable to heap corruption via a negative-size memcpy. When a JSON object key is exactly 65,535 bytes long, an integer truncation in formattr usual.c:63 converts the length to -1 before passing it to memcpy. This causes memcpy to...

6.3CVSS5.8AI score0.00253EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder