30 matches found
Fedora 31 : rubygem-json (2020-26df92331a)
A security flaw was found on rubygem-json prior to 2.3.0 which was now assigned as CVE-2020-10663. This new rpm contains backport fixes for this issue. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has...
CVE-2020-10663
A flaw was found in rubygem-json. While parsing certain JSON documents, the json gem including the one bundled with Ruby can be coerced into creating arbitrary objects in the target system. This is the same issue as CVE-2013-0269. Mitigation To mitigate this vulnerability, do not supply untrusted...
FreeBSD : rubygem-json -- Unsafe Objection Creation Vulnerability in JSON (Additional fix) (40194e1c-6d89-11ea-8082-80ee73419af3)
When parsing certain JSON documents, the json gem including the one bundled with Ruby can be coerced into creating arbitrary objects in the target system. This is the same issue as CVE-2013-0269. The previous fix was incomplete, which addressed JSON.parseuserinput, but didn't address some other...
Fedora Update for rubygem-json FEDORA-2013-3052
Check for the Version of rubygem-json OpenVAS Vulnerability Test Fedora Update for rubygem-json FEDORA-2013-3052 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...
Fedora Update for rubygem-json FEDORA-2013-3050
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora Update for rubygem-json FEDORA-2013-3052
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora Update for rubygem-json FEDORA-2013-3050
Check for the Version of rubygem-json OpenVAS Vulnerability Test Fedora Update for rubygem-json FEDORA-2013-3050 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...
Fedora 18 : rubygem-json-1.6.8-1.fc18 (2013-3052)
A security flaw was discovered on the previous json that there is a denial of service and unsafe object creation vulnerability. This vulnerability has been assigned the CVE identifier CVE-2013-0269. This new rpm will fix this issue. Note that Tenable Network Security has extracted the preceding...
[SECURITY] Fedora 17 Update: rubygem-json-1.6.8-1.fc17
This is a implementation of the JSON specification according to RFC 4627 in Ruby. You can think of it as a low fat alternative to XML, if you want to store data to disk or transmit it over a network rather than use a verbose markup language...
CVE-2013-0269 rubygem-json: Denial of Service and SQL Injection
The JSON gem before 1.5.5, 1.6.x before 1.6.8, and 1.7.x before 1.7.7 for Ruby allows remote attackers to cause a denial of service resource consumption or bypass the mass assignment protection mechanism via a crafted JSON document that triggers the creation of arbitrary Ruby symbols or certain...