Vulnerabilities > Yajl Ruby Project

DATE | CVE | VULNERABILITY TITLE | RISK

2022-04-05 | CVE-2022-24795 | Heap-based Buffer Overflow vulnerability in Yajl-Ruby Project Yajl-Ruby | 7.5
  yajl-ruby is a C binding to the YAJL JSON parsing and generation library.
  Risk: network, low complexity
  Tags: yajl-ruby-project, CWE-122

2017-11-03 | CVE-2017-16516 | Use of Externally-Controlled Format String vulnerability in multiple products | 7.5
  In the yajl-ruby gem 1.3.0 for Ruby, when a crafted JSON file is supplied to Yajl::Parser.new.parse, the whole ruby process crashes with a SIGABRT in the yajl_string_decode function in yajl_encode.c.
  Risk: network, low complexity
  Tags: yajl-ruby-project, debian, CWE-134