VYPR

rpm package

opensuse/ruby3.2-rubygem-json_pure&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/ruby3.2-rubygem-json_pure&distro=openSUSE%20Tumbleweed

Vulnerabilities (1)

  • CVE-2020-10663Apr 28, 2020
    affected < 2.6.3-1.3fixed 2.6.3-1.3

    The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through 2.6.5, has an Unsafe Object Creation Vulnerability. This is quite similar to CVE-2013-0269, but does not rely on poor garbage-collection behavior within Ruby. Specifically,