6 matches found
CVE-2025-27788
A flaw was found in the JSON gem for Ruby. This vulnerability causes an out-of-bounds read via a specially crafted document, possibly resulting in a crash. Mitigation: Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security...
rubygem-json: Unsafe object creation vulnerability in JSON
A flaw was found in rubygem-json. While parsing certain JSON documents, the json gem (including the one bundled with Ruby) can be coerced into creating arbitrary objects in the target system. This is the same issue as CVE-2013-0269...
Ruby JSON gem input validation error vulnerability
Ruby JSON gem is a Ruby-based package for parsing JSON from text and generating JSON text from Ruby objects. An input validation error vulnerability in Ruby JSON gem version 2.2.0 and earlier can be exploited to force the creation of arbitrary objects on a target system...
DLA-215-1 libjson-ruby - security update
Bulletin has no description...
rubygem-json: Denial of Service and SQL Injection
The JSON gem before 1.5.5, 1.6.x before 1.6.8, and 1.7.x before 1.7.7 for Ruby allows remote attackers to cause a denial of service (resource consumption) or bypass the mass assignment protection mechanism via a crafted JSON document that triggers the creation of arbitrary Ruby symbols or certain...
rubygem-json: Denial of Service and SQL Injection
The JSON gem before 1.5.5, 1.6.x before 1.6.8, and 1.7.x before 1.7.7 for Ruby allows remote attackers to cause a denial of service (resource consumption) or bypass the mass assignment protection mechanism via a crafted JSON document that triggers the creation of arbitrary Ruby symbols or certain...