Search CVE reports


Toggle filters

11 – 20 of 42294 results

Status is adjusted based on your filters.


CVE-2026-54897

Medium priority
Needs evaluation

Oj (Optimized JSON) is a JSON parser and Object marshaller packaged as a Ruby gem. Prior to 3.17.2, Oj::Doc iterators (each_value, each_child, each_leaf) were vulnerable to a heap use-after-free. When a Ruby block yielded during...

1 affected package

ruby-oj

Package 20.04 LTS
ruby-oj Needs evaluation
Show less packages

CVE-2026-54896

Medium priority
Needs evaluation

Oj (Optimized JSON) is a JSON parser and Object marshaller packaged as a Ruby gem. In versions prior to 3.17.2, when in object mode, Oj.dump is vulnerable to a heap buffer overflow when serializing Exception objects with a large...

1 affected package

ruby-oj

Package 20.04 LTS
ruby-oj Needs evaluation
Show less packages

CVE-2026-54592

Medium priority
Needs evaluation

Oj (Optimized JSON) is a JSON parser and Object marshaller packaged as a Ruby gem. In versions prior to 3.17.3, Oj::Doc#each_child, when invoked recursively over a deeply nested JSON document, overflows a fixed-size stack buffer...

1 affected package

ruby-oj

Package 20.04 LTS
ruby-oj Needs evaluation
Show less packages

CVE-2026-54502

Medium priority
Needs evaluation

Oj (Optimized JSON) is a JSON parser and Object marshaller packaged as a Ruby gem. In versions prior to 3.17.2, Oj.dump is vulnerable to a stack-based buffer overflow when a large :indent value is provided by the developer....

1 affected package

ruby-oj

Package 20.04 LTS
ruby-oj Needs evaluation
Show less packages

CVE-2026-54500

Medium priority
Needs evaluation

Oj (Optimized JSON) is a JSON parser and Object marshaller packaged as a Ruby gem. In versions prior to 3.17.3, Oj.load in :object mode reads uninitialized stack memory (and, for long keys, reads out of bounds) when parsing a JSON...

1 affected package

ruby-oj

Package 20.04 LTS
ruby-oj Needs evaluation
Show less packages

CVE-2026-58037

Medium priority
Needs evaluation

[LogFormatter: 'raw' parameter format is no longer raw HTML]

1 affected package

mediawiki

Package 20.04 LTS
mediawiki Needs evaluation
Show less packages

CVE-2026-58036

Medium priority
Needs evaluation

[Fix ApiQueryUsers leaking status ofprivate user conditions for user]

1 affected package

mediawiki

Package 20.04 LTS
mediawiki Needs evaluation
Show less packages

CVE-2026-58033

Medium priority
Needs evaluation

[Exclude rev-deleted usernames from distinct authors query]

1 affected package

mediawiki

Package 20.04 LTS
mediawiki Needs evaluation
Show less packages

CVE-2026-58032

Medium priority
Needs evaluation

[mw.Api.getErrorMessage: Treat formatversion=1 as text]

1 affected package

mediawiki

Package 20.04 LTS
mediawiki Needs evaluation
Show less packages

CVE-2026-58030

Medium priority
Needs evaluation

[Escape linelinks argument before passing it on to Pygments]

1 affected package

mediawiki

Package 20.04 LTS
mediawiki Needs evaluation
Show less packages