Sha256: 0a3d8c1b6eb37d05b8d6ba2e451f947082a449021c093e87f142e1222d06cfd5

Contents?: true

Size: 550 Bytes

Versions: 5

Compression:

Stored size: 550 Bytes

Contents

--- 
gem: json
cve: 2013-0269
osvdb: 101137
url: http://osvdb.org/show/osvdb/101137
title: json Gem for Ruby JSON::GenericObject Function Arbitrary Addition Creation
date: 2013-02-04
description: |
  json Gem for Ruby contains a flaw in the JSON::GenericObject function. The
  issue is due to the program failing to restrict users from creating additions
  regardless of the state of create_additions. This may allow a remote attacker
  to create arbitrary additions.
cvss_v2: 9.0
patched_versions: 
  - ">= 1.7.7"
unaffected_versions:
  - "< 1.7.0"

Version data entries

5 entries across 5 versions & 2 rubygems

Version Path
bundler-budit-0.6.2 data/ruby-advisory-db/gems/json/OSVDB-101137.yml
bundler-budit-0.6.1 data/ruby-advisory-db/gems/json/OSVDB-101137.yml
bundler-audit-0.6.1 data/ruby-advisory-db/gems/json/OSVDB-101137.yml
bundler-audit-0.6.0 data/ruby-advisory-db/gems/json/OSVDB-101137.yml
bundler-audit-0.5.0 data/ruby-advisory-db/gems/json/OSVDB-101137.yml