[Git][security-tracker-team/security-tracker][master] Add new ujson issue

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Jun 23 12:38:03 BST 2026



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
3c4a9cd1 by Salvatore Bonaccorso at 2026-06-23T13:37:41+02:00
Add new ujson issue

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -63,7 +63,9 @@ CVE-2026-55599 (phpseclib is a PHP secure communications library. From 0.1.1 unt
 CVE-2026-55409 (Filament is a collection of full-stack components for accelerated Lara ...)
 	NOT-FOR-US: Filament
 CVE-2026-54911 (UltraJSON is a fast JSON encoder and decoder written in pure C with bi ...)
-	TODO: check
+	- ujson <unfixed>
+	NOTE: https://github.com/ultrajson/ultrajson/security/advisories/GHSA-3j69-69wj-xqx2
+	NOTE: https://github.com/ultrajson/ultrajson/commit/169eaf36b1116fece5034ee79a7a0ef3f6deedcf (5.13.0)
 CVE-2026-54651 (pypdf is a free and open-source pure-python PDF library. Prior to 6.13 ...)
 	TODO: check
 CVE-2026-54531 (pypdf is a free and open-source pure-python PDF library. Prior to 6.13 ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3c4a9cd10e8f8a2efab353399a2694b5cf11d0dc

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3c4a9cd10e8f8a2efab353399a2694b5cf11d0dc
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260623/98db4632/attachment.htm>


More information about the debian-security-tracker-commits mailing list