This repository has been archived by the owner on Oct 21, 2022. It is now read-only.
CVE-2017-16516 - High Severity Vulnerability
Vulnerable Library - yajl-ruby-1.2.1.gem
path: /var/lib/gems/2.3.0/cache/yajl-ruby-1.2.1.gem
Library home page: http://rubygems.org/gems/yajl-ruby-1.2.1.gem
Dependency Hierarchy:
Vulnerability Details
In the yajl-ruby gem 1.3.0 for Ruby, when a crafted JSON file is supplied to Yajl::Parser.new.parse, the whole Ruby process crashes with a SIGABRT in the yajl_string_decode function in yajl_encode.c. This results in the whole Ruby process terminating and potentially a denial of service.
Publish Date: 2017-11-03
URL: CVE-2017-16516
CVSS 3 Score Details (7.5)
Base Score Metrics: