Product

Oj Gem (< 3.17.2)

2 briefs RSS

Oj: Use-After-Free in Oj::Doc Iterators via Reentrant Close

A heap use-after-free vulnerability (CVE-2026-54897) exists in `Oj::Doc` iterators (`each_value`, `each_child`, `each_leaf`) in the `oj` Ruby gem, allowing an attacker to cause application crashes or unpredictable behavior when a Ruby block yielded during iteration reentrantly calls `doc.close` or `d.close`.

oj gem ruby use-after-free library-vulnerability dos

2r 1t 1d ago

high advisory

Stack Buffer Overflow in Oj Ruby Gem (CVE-2026-54502)

3 rules 4 TTPs

The `Oj.dump` function in the `Oj` Ruby gem is vulnerable to a stack-based buffer overflow (CVE-2026-54502) due to improper validation of the `:indent` parameter, allowing an attacker to trigger a process crash or potentially remote code execution by providing an excessively large integer value, affecting all `Oj` gem versions prior to `3.17.2`.

oj gem overflow ruby gem denial-of-service remote-code-execution application-vulnerability

3r 4t 1d ago