170 matches found
CVE-2026-54592
Oj Optimized JSON is a JSON parser and Object marshaller packaged as a Ruby gem. In versions prior to 3.17.3, Oj::Doceachchild, when invoked recursively over a deeply nested JSON document, overflows a fixed-size stack buffer and aborts the process, leading to DoS. In a two-step chain in...
DEBIAN-CVE-2026-54896
Oj Optimized JSON is a JSON parser and Object marshaller packaged as a Ruby gem. In versions prior to 3.17.2, when in object mode, Oj.dump is vulnerable to a heap buffer overflow when serializing Exception objects with a large :indent value. The serializer allocates a buffer sized for the object'...
CVE-2026-54897
Oj Optimized JSON is a JSON parser and Object marshaller packaged as a Ruby gem. Prior to 3.17.2, Oj::Doc iterators eachvalue, eachchild, eachleaf were vulnerable to a heap use-after-free. When a Ruby block yielded during iteration calls doc.close or d.close, the document's heap memory is freed...
DEBIAN-CVE-2026-54897
Oj Optimized JSON is a JSON parser and Object marshaller packaged as a Ruby gem. Prior to 3.17.2, Oj::Doc iterators eachvalue, eachchild, eachleaf were vulnerable to a heap use-after-free. When a Ruby block yielded during iteration calls doc.close or d.close, the document's heap memory is freed...
UBUNTU-CVE-2026-54903
Oj Optimized JSON is a JSON parser and Object marshaller packaged as a Ruby gem. In versions prior to 3.17.2, Oj.load is vulnerable to heap corruption when parsing a JSON string longer than 2 GB. An integer overflow in bufappendstring buf.h:61 converts the string length to a large negative sizet,...
CVE-2026-54903
Oj Optimized JSON is a JSON parser and Object marshaller packaged as a Ruby gem. In versions prior to 3.17.2, Oj.load is vulnerable to heap corruption when parsing a JSON string longer than 2 GB. An integer overflow in bufappendstring buf.h:61 converts the string length to a large negative sizet,...
CVE-2026-54903
Oj is a Ruby gem that contains a heap corruption vulnerability in Oj.load for JSON strings larger than 2 GB, caused by an integer overflow in buf_append_string (buf.h:61) that turns the length into a negative size_t, leading memcpy to copy out-of-bounds data and crash. Affected versions are those...
CVE-2026-54903 Oj: Integer Overflow in Oj.load 2GB String Handling
Oj Optimized JSON is a JSON parser and Object marshaller packaged as a Ruby gem. In versions prior to 3.17.2, Oj.load is vulnerable to heap corruption when parsing a JSON string longer than 2 GB. An integer overflow in bufappendstring buf.h:61 converts the string length to a large negative sizet,...
CVE-2026-54902 Oj: Use-After-Free in Oj::Parser SAJ Long Key Callback
Oj Optimized JSON is a JSON parser and Object marshaller packaged as a Ruby gem. Prior to version 3.17.2, is vulnerable to Use-After-Free when in SAJ mode. The Oj::Parser does not protect cached object keys ≥ 35 bytes from garbage collection, and a Ruby callback that triggers GC inside hashend ca...
CVE-2026-54901
Oj (Optimized JSON) Ruby gem contains a Use-After-Free in Oj::Parser in normal mode prior to 3.17.2: during GC, array_class/hash_class refs may be reclaimed, leaving a dangling VALUE for the next parse and causing a segfault. Fixed in version 3.17.2. Affected: Oj::Parser parsing flow; trigger is ...
CVE-2026-54898
Oj Optimized JSON is a JSON parser and Object marshaller packaged as a Ruby gem. In versions prior to 3.17.2,Oj::Parserparse is vulnerable to a heap use-after-free when a SAJ/SAJ2 callback mutates the input JSON string during parsing. The C engine holds a raw const byte pointer into the Ruby...
CVE-2026-54898
CVE-2026-54898 (Oj gem) affects the Ruby JSON parser Oj in versions before 3.17.2. The vulnerability occurs when a SAJ/SAJ2 callback mutates the input string during parsing, causing the C engine’s raw pointer into Ruby’s string buffer to become dangling and resulting in a heap use-after-free on t...
CVE-2026-54898 Oj: Use-After-Free in Oj::Parser SAJ Callback via Input Mutation
Oj Optimized JSON is a JSON parser and Object marshaller packaged as a Ruby gem. In versions prior to 3.17.2,Oj::Parserparse is vulnerable to a heap use-after-free when a SAJ/SAJ2 callback mutates the input JSON string during parsing. The C engine holds a raw const byte pointer into the Ruby...
CVE-2026-54897 Oj : Use-After-Free in Oj::Doc Iterators via Reentrant Close
Oj Optimized JSON is a JSON parser and Object marshaller packaged as a Ruby gem. Prior to 3.17.2, Oj::Doc iterators eachvalue, eachchild, eachleaf were vulnerable to a heap use-after-free. When a Ruby block yielded during iteration calls doc.close or d.close, the document's heap memory is freed...
CVE-2026-54897
Oj Optimized JSON is a JSON parser and Object marshaller packaged as a Ruby gem. Prior to 3.17.2, Oj::Doc iterators eachvalue, eachchild, eachleaf were vulnerable to a heap use-after-free. When a Ruby block yielded during iteration calls doc.close or d.close, the document's heap memory is freed...
CVE-2026-54896
Oj Optimized JSON is a JSON parser and Object marshaller packaged as a Ruby gem. In versions prior to 3.17.2, when in object mode, Oj.dump is vulnerable to a heap buffer overflow when serializing Exception objects with a large :indent value. The serializer allocates a buffer sized for the object'...
CVE-2026-54896
Oj (Optimized JSON) Ruby gem prior to 3.17.2 is affected when operating in object mode; Oj.dump can trigger a heap buffer overflow while serializing Exception objects with a large indent value. The issue stems from allocating a buffer sized for object attributes but not accounting for accumulated...
CVE-2026-54592 Oj: Stack Buffer Overflow in Oj::Doc#each_child via Deeply Nested Input
Oj Optimized JSON is a JSON parser and Object marshaller packaged as a Ruby gem. In versions prior to 3.17.3, Oj::Doceachchild, when invoked recursively over a deeply nested JSON document, overflows a fixed-size stack buffer and aborts the process, leading to DoS. In a two-step chain in...
CVE-2026-54592 Oj: Stack Buffer Overflow in Oj::Doc#each_child via Deeply Nested Input
Oj Optimized JSON is a JSON parser and Object marshaller packaged as a Ruby gem. In versions prior to 3.17.3, Oj::Doceachchild, when invoked recursively over a deeply nested JSON document, overflows a fixed-size stack buffer and aborts the process, leading to DoS. In a two-step chain in...
CVE-2026-54592
The CVE-2026-54592 vulnerability affects Oj (Optimized JSON), a Ruby gem JSON parser/marshaller. In versions prior to 3.17.3, Oj::Doc#each_child can overflow a fixed-size stack buffer when recursively traversing deeply nested JSON, causing a DoS. The issue arises from a two-step chain in ext/oj/f...