3 matches found
Use After Free
Overview Affected versions of this package are vulnerable to Use After Free in the eachvalue, eachchild, or eachleaf iterators when a Ruby block executed during iteration calls the close method on the document or its child nodes. An attacker can cause memory corruption by invoking close within a...
Out-of-bounds Write
Overview Affected versions of this package are vulnerable to Out-of-bounds Write through recursive calls to the eachchild function when processing deeply nested input. An attacker can cause the process to crash and trigger a denial of service by supplying a specially crafted, deeply nested JSON...
PT-2026-51082
Name of the Vulnerable Software and Affected Versions Oj versions prior to 3.17.2 Description When operating in object mode, the Oj.dump function is susceptible to a heap buffer overflow during the serialization of Exception objects if a large :indent value is used. The issue occurs because the...