- Home
- CVEs with nessus.description==Lawrence Pit discovered that Ruby on Rails, a web development framework, is vulnerable to a flaw in the parsing of JSON to YAML.
Using a specially crafted payload attackers can trick the backend into decoding a subset of YAML.
The vulnerability has been addressed by removing the YAML backend and adding the OkJson backend.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top