Concurrent Ruby: `ReentrantReadWriteLock` read-count overflow grants a write lock without exclusivity
Concurrent Ruby : `AtomicReference#update` livelocks when the stored value is `Float::NAN`
Oj: Integer Overflow in Oj.load 2GB String Handling
Oj: Use-After-Free in Oj::Parser SAJ Long Key Callback
Oj: Use-After-Free in Oj::Parser array_class/hash_class GC Marking
Oj: Negative-Size memcpy in Oj::Parser create_id Attribute Handling
CoreWCF: SPNEGO SecurityContextToken proof key wrapped without confidentiality
CoreWCF: XML Signature Wrapping in WS-Security endorsing/supporting signature verification allows replay of captured signed messages
CoreWCF: Authentication bypass in CoreWCF SAML 1.1 / 2.0 token signature validation
CoreWCF: SAML SubjectConfirmation methods and holder-of-key proof keys are not enforced
CoreWCF: WS-Security Reference DigestMethod Algorithm-Suite Bypass
CoreWCF: SAML token replay protection is inoperative
CoreWCF: UnixDomainSocket Non-Reentrant POSIX Identity Resolution
CoreWCF NetNamedPipe transport accepts attach to a pre-existing named pipe instance
CoreWCF: Unix Domain Socket PosixIdentity transport accepts connections that skip the security upgrade
CoreWCF: Kafka consume pump halts permanently on a Kafka tombstone (null-value record), causing persistent endpoint denial of service.
CoreWCF: SamlSerializer skips SignatureValue verification when SAML signing token is not an X.509 certificate
CoreWCF: WS-Security signature substitution via document-wide Signature lookup
CoreWCF: Pre-authentication infinite-loop CPU exhaustion in CoreWCF net.tcp / net.pipe / net.uds framing handshake
Python Liquid: Infinite loop when parsing malformed `{% case %}` tags