Denial of Service (DoS)
Affecting sequel gem, versions >=3.37.0, <3.45.0
sequel is a Database Toolkit for Ruby.
Affected versions of the package are vulnerable to Denial of Service (DoS) and unsafe object creation. When parsing certain JSON documents, sequel can be tricked into creating Ruby symbols on the target system.
Upgrade sequel to version 3.45.0 or higher.
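To check whether a project pins a sequel release in the affected range given above, the following added example (not from this advisory or from the sequel project) reads the resolved versions out of a `Gemfile.lock` and tests them against that range. The lockfile text is constructed sample input, and the helper names `locked_versions` and `affected_sequel_versions` are hypothetical.

```ruby
require "rubygems" # Gem::Version and Gem::Requirement

# Affected range as stated in the advisory: >=3.37.0, <3.45.0
AFFECTED = Gem::Requirement.new(">= 3.37.0", "< 3.45.0")

# Constructed sample lockfile (not taken from a real project).
SAMPLE_LOCK = <<'LOCK'
GEM
  remote: https://rubygems.org/
  specs:
    rack (1.5.2)
    sequel (3.44.0)
    sinatra-sequel (0.9.0)
      sequel (>= 3.2.0)

DEPENDENCIES
  sequel
LOCK

# Return the versions of gem_name resolved in a Gemfile.lock. Resolved gems
# sit at exactly four spaces of indentation ("    name (1.2.3)"); the
# six-space lines below them are dependency constraints and are skipped.
def locked_versions(lockfile_text, gem_name)
  pattern = /\A {4}#{Regexp.escape(gem_name)} \(([^)\s]+)\)\s*\z/
  lockfile_text.each_line.map do |line|
    match = pattern.match(line.chomp)
    next unless match
    # Drop a platform suffix such as "1.2.3-java" before parsing.
    number = match[1].split("-").first
    Gem::Version.new(number) if Gem::Version.correct?(number)
  end.compact
end

# Versions of sequel in the lockfile that fall inside the affected range.
def affected_sequel_versions(lockfile_text)
  locked_versions(lockfile_text, "sequel").select { |v| AFFECTED.satisfied_by?(v) }
end

if __FILE__ == $PROGRAM_NAME
  hits = affected_sequel_versions(SAMPLE_LOCK)
  if hits.empty?
    puts "sequel: no affected version locked"
  else
    puts "sequel: affected version(s) locked: #{hits.join(', ')}; upgrade to 3.45.0 or higher"
  end
end
```
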
- Jeremy Evans
- Snyk ID
- 10 Feb, 2013
- 10 Jan, 2018