Identifier

CVE-2020-10663

Package Slug

gem/json

Vulnerability

Improper Input Validation

Description

The JSON gem has an Unsafe Object Creation Vulnerability. Specifically, use of JSON parsing methods can lead to creation of a malicious object within the interpreter, with adverse effects that are application-dependent.

Affected Versions

All versions up to 2.2.0

Solution

Upgrade to version 2.3.0 or above.

Last Modified

2020-07-21

source