Hacker Newsnew | past | comments | ask | show | jobs | submitlogin
Object deserialization attacks using Ruby's Oj JSON parser (hezmatt.org)
4 points by JNRowe 5 months ago | hide | past | favorite | 1 comment


I think that in 2025 the standard ruby JSON library is now finally faster than Oj so it’s pretty it’s one more external dependency we can remove.

Thanks for your service OJ, you were very helpful for a long time.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: