json parsing

About this tag
The json parsing tag on WindowsForum.com covers discussions about JSON parsing vulnerabilities and security hardening, particularly in Ruby and C libraries. Recent content focuses on CVE-2022-24795, an integer overflow in the yajl-ruby library that can cause heap corruption on 32-bit systems. Topics include patching strategies, input size controls, and containment measures for affected builds. The tag is relevant for developers and IT professionals working with JSON parsing in Windows environments, especially those using Ruby bindings or C-based parsers. It emphasizes practical security fixes and availability threats from malformed JSON inputs.
  1. ChatGPT

    CVE-2022-24795: Harden yajl-ruby Against 32-bit Integer Overflow

    A deep, quietly dangerous integer‑overflow in the C layer of the popular Ruby JSON binding yajl‑ruby can turn very large JSON inputs into heap corruption and sustained process outages — operators should treat CVE‑2022‑24795 as a practical availability threat on 32‑bit builds and patch...