Parsing Unsanitized JSON from Ruby
Versions of the JSON gem > 1.7.5 incorporate a fix addressing CVE-2013-0269 that entails disabling support for parsing unvalidated JSON data from an arbitrary source.
If this is an issue for you (or you suspect it might be!) you may want to checkout my latest blog post containing a few workarounds as well as this pull request submitted to the JSON gem.
Post a comment