VDB

GCVE-VVD-MAGEIA-2020-186

GCVE-VVD-MAGEIA-2020-186
Advisory Published
Vulnetix · Advisory published August 20, 2020
Updated ruby-json packages fix security vulnerability: In ruby-json before 2.3.0, there is an unsafe object creation vulnerability. When parsing certain JSON documents, the json gem can be coerced into creating arbitrary objects in the target system (CVE-2020-10663).
Download JSON Open in Console

Affected Products

VendorProductVersionsPlatforms
Mageiaruby-json0 (affected), 2.1.0-3.1.mga7 (unaffected), 0 (affected), 2.1.0-3.1.mga7 (unaffected)
Mageiaflash-player-plugin0 (affected), 32.0.0.414-1.mga7.nonfree (unaffected)

References

Updated ruby-json packages fix security vulnerability
advisory
Updated ruby-json packages fix security vulnerability
advisory
Updated ruby-json packages fix security vulnerability
issue
Updated ruby-json packages fix security vulnerability
issue
Updated flash-player-plugin packages fix important bugs.
advisory
Updated flash-player-plugin packages fix important bugs.
issue
Updated flash-player-plugin packages fix important bugs.
issue
Updated flash-player-plugin packages fix important bugs.
issue

Browse GCVE Records

100 records in the GCVE database · Updated April 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

Open in Console Download JSON
$ Console Community · 100/wk Open console ›