Primary

Context

Ruby JSON Library Out-of-Bounds Read Vulnerability

Vulnerability

A vulnerability allowing an out-of-bounds read has been identified in the Ruby JSON library, specifically in versions 2.10.0 and 2.10.1. This flaw could lead to a crash, as a result of processing a specially crafted document. Versions prior to 2.10.0 are not vulnerable, and version 2.10.2 has addressed this issue.

Impact

Exploitation of this vulnerability can cause a crash, disrupting the application's availability.

Remediation

Users can upgrade to JSON version 2.10.2 to address this vulnerability. Instructions for updating can be found in the Ruby JSON repository on GitHub.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

8.1

remediation

7.7

relevance

0.0

threat

3.2

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

8.1

remediation

7.7

relevance

0.0

threat

3.2

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Ruby JSON Library Out-of-Bounds Read Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating