Lucene search
K

6 matches found

Cvelist
Cvelist
added yesterday9 views

CVE-2026-54903 Oj: Integer Overflow in Oj.load 2GB String Handling

Oj Optimized JSON is a JSON parser and Object marshaller packaged as a Ruby gem. In versions prior to 3.17.2, Oj.load is vulnerable to heap corruption when parsing a JSON string longer than 2 GB. An integer overflow in bufappendstring buf.h:61 converts the string length to a large negative sizet,...

6.3CVSS
Exploits0References1
CVE
CVE
added yesterday14 views

CVE-2026-54903

Oj is a Ruby gem that contains a heap corruption vulnerability in Oj.load for JSON strings larger than 2 GB, caused by an integer overflow in buf_append_string (buf.h:61) that turns the length into a negative size_t, leading memcpy to copy out-of-bounds data and crash. Affected versions are those...

6.3CVSS5.8AI score
Exploits0References1
OSV
OSV
added 2026/06/19 7:35 p.m.5 views

GHSA-FM7P-MPRW-WJM9 Oj: intern.c form_attr (uninitialized stack read)

Summary Oj.load in :object mode reads uninitialized stack memory and, for long keys, reads out of bounds when parsing a JSON object whose key is 254 bytes or longer. The interned bytes can surface to the caller, disclosing process stack memory. Details In ext/oj/intern.c, formattr handles the...

5.3CVSS6.1AI score
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/06/19 7:35 p.m.7 views

Oj: intern.c form_attr (uninitialized stack read)

Summary Oj.load in :object mode reads uninitialized stack memory and, for long keys, reads out of bounds when parsing a JSON object whose key is 254 bytes or longer. The interned bytes can surface to the caller, disclosing process stack memory. Details In ext/oj/intern.c, formattr handles the...

5.3CVSS6.1AI score
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.9 views

PT-2026-51089

Name of the Vulnerable Software and Affected Versions Oj versions prior to 3.17.2 Description Oj is a JSON parser and Object marshaller for Ruby. The Oj.load function is susceptible to heap corruption when processing a JSON string exceeding 2 GB. An integer overflow occurs within the buf append...

8.7CVSS5.9AI score
Exploits0References4
RubySec
RubySec
added 2026/06/19 12:0 a.m.4 views

Oj - Integer Overflow in Oj.load 2GB String Handling

Summary Oj.load is vulnerable to heap corruption when parsing a JSON string longer than 2 GB. An integer overflow in bufappendstring buf.h:61 converts the string length to a large negative sizet, causing memcpy to copy an astronomically large amount of data out of bounds. This crashes the process...

6.3CVSS5.9AI score
Exploits0References1Affected Software1
Rows per page
Query Builder