Search CVE reports
331 – 340 of 42615 results
Oj (Optimized JSON) is a JSON parser and Object marshaller packaged as a Ruby gem. Prior to 3.17.2, Oj::Doc iterators (each_value, each_child, each_leaf) were vulnerable to a heap use-after-free. When a Ruby block yielded during...
1 affected package
ruby-oj
| Package | 20.04 LTS |
|---|---|
| ruby-oj | Needs evaluation |
Oj (Optimized JSON) is a JSON parser and Object marshaller packaged as a Ruby gem. In versions prior to 3.17.2, when in object mode, Oj.dump is vulnerable to a heap buffer overflow when serializing Exception objects with a large...
1 affected package
ruby-oj
| Package | 20.04 LTS |
|---|---|
| ruby-oj | Needs evaluation |
Oj (Optimized JSON) is a JSON parser and Object marshaller packaged as a Ruby gem. In versions prior to 3.17.3, Oj::Doc#each_child, when invoked recursively over a deeply nested JSON document, overflows a fixed-size stack buffer...
1 affected package
ruby-oj
| Package | 20.04 LTS |
|---|---|
| ruby-oj | Needs evaluation |
Oj (Optimized JSON) is a JSON parser and Object marshaller packaged as a Ruby gem. In versions prior to 3.17.2, Oj.dump is vulnerable to a stack-based buffer overflow when a large :indent value is provided by the developer....
1 affected package
ruby-oj
| Package | 20.04 LTS |
|---|---|
| ruby-oj | Needs evaluation |
Oj (Optimized JSON) is a JSON parser and Object marshaller packaged as a Ruby gem. In versions prior to 3.17.3, Oj.load in :object mode reads uninitialized stack memory (and, for long keys, reads out of bounds) when parsing a JSON...
1 affected package
ruby-oj
| Package | 20.04 LTS |
|---|---|
| ruby-oj | Needs evaluation |
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Language/Language.Php,...
1 affected package
mediawiki
| Package | 20.04 LTS |
|---|---|
| mediawiki | Needs evaluation |
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Api/ApiQueryAllUsers.Php,...
1 affected package
mediawiki
| Package | 20.04 LTS |
|---|---|
| mediawiki | Needs evaluation |
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Actions/InfoAction.Php. This issue affects MediaWiki: from *...
1 affected package
mediawiki
| Package | 20.04 LTS |
|---|---|
| mediawiki | Needs evaluation |
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program...
1 affected package
mediawiki
| Package | 20.04 LTS |
|---|---|
| mediawiki | Needs evaluation |
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation SyntaxHighlight_GeSHi. This vulnerability is associated with program...
1 affected package
mediawiki
| Package | 20.04 LTS |
|---|---|
| mediawiki | Needs evaluation |