Lucene search
K

10 matches found

OSV
OSV
added 2026/07/01 12:16 a.m.4 views

DEBIAN-CVE-2026-54899

Oj Optimized JSON is a JSON parser and Object marshaller packaged as a Ruby gem. Prior to version 3.17.2, disabling symbolkeys on a reused Oj::Parser instance triggers a heap use-after-free. When symbolkeys is toggled from true to false, optsymbolkeysset frees the internal key cache cachefree but...

6.3CVSS5.7AI score0.00428EPSS
Exploits0References1
OSV
OSV
added 2026/07/01 12:16 a.m.5 views

UBUNTU-CVE-2026-54896

Oj Optimized JSON is a JSON parser and Object marshaller packaged as a Ruby gem. In versions prior to 3.17.2, when in object mode, Oj.dump is vulnerable to a heap buffer overflow when serializing Exception objects with a large :indent value. The serializer allocates a buffer sized for the object'...

2.1CVSS6AI score0.00119EPSS
Exploits0References3
OSV
OSV
added 2026/07/01 12:16 a.m.4 views

UBUNTU-CVE-2026-54898

Oj Optimized JSON is a JSON parser and Object marshaller packaged as a Ruby gem. In versions prior to 3.17.2,Oj::Parserparse is vulnerable to a heap use-after-free when a SAJ/SAJ2 callback mutates the input JSON string during parsing. The C engine holds a raw const byte pointer into the Ruby...

2.1CVSS5.9AI score0.00117EPSS
Exploits0References3
OSV
OSV
added 2026/07/01 12:16 a.m.4 views

UBUNTU-CVE-2026-54900

Oj Optimized JSON is a JSON parser and Object marshaller packaged as a Ruby gem. In versions prior to 3.17.2, when in usual mode with createid enabled, Oj::Parserparse is vulnerable to heap corruption via a negative-size memcpy. When a JSON object key is exactly 65,535 bytes long, an integer...

6.3CVSS5.7AI score0.00253EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2025/03/12 3:35 p.m.21 views

Out-of-bounds Read in Ruby JSON Parser

Impact A specially crafted document could cause an out of bound read, most likely resulting in a crash. Versions 2.10.0 and 2.10.1 are impacted. Older versions are not. Patches Version 2.10.2 fixes the problem. Workarounds None...

7.5CVSS6.8AI score0.00665EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2025/03/12 3:35 p.m.18 views

GHSA-9M3Q-RHMV-5Q44 Out-of-bounds Read in Ruby JSON Parser

Impact A specially crafted document could cause an out of bound read, most likely resulting in a crash. Versions 2.10.0 and 2.10.1 are impacted. Older versions are not. Patches Version 2.10.2 fixes the problem. Workarounds None...

7.5CVSS7.5AI score0.00665EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2025/03/12 1:51 p.m.10 views

CVE-2025-27788 Ruby JSON Parser has Out-of-bounds Read

JSON is a JSON implementation for Ruby. Starting in version 2.10.0 and prior to version 2.10.2, a specially crafted document could cause an out of bound read, most likely resulting in a crash. Versions prior to 2.10.0 are not vulnerable. Version 2.10.2 fixes the problem. No known workarounds are...

7.5CVSS7.6AI score0.00665EPSS
Exploits0References3
CVE
CVE
added 2025/03/12 1:51 p.m.267 views

CVE-2025-27788

The CVE-2025-27788 entry corresponds to a Ruby JSON parser vulnerability (CVE-2025-27788) with out-of-bounds read leading to crashes. In IBM’s advisory, the affected products are: IBM watsonx Assistant Cartridge (versions 4.0–5.2.0) and IBM watsonx Orchestrate with watsonx Assistant Cartridge – A...

7.5CVSS7.6AI score0.00665EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2025/03/12 1:51 p.m.19 views

CVE-2025-27788 Ruby JSON Parser has Out-of-bounds Read

JSON is a JSON implementation for Ruby. Starting in version 2.10.0 and prior to version 2.10.2, a specially crafted document could cause an out of bound read, most likely resulting in a crash. Versions prior to 2.10.0 are not vulnerable. Version 2.10.2 fixes the problem. No known workarounds are...

7.5CVSS0.00665EPSS
Exploits0References3
RubySec
RubySec
added 2025/03/12 12:0 a.m.22 views

Out-of-bounds Read in Ruby JSON Parser

Impact A specially crafted document could cause an out of bound read, most likely resulting in a crash. Versions 2.10.0 and 2.10.1 are impacted. Older versions are not. Patches Version 2.10.2 fixes the problem. Workarounds None...

7.5CVSS7.4AI score0.00665EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder