[Git][security-tracker-team/security-tracker][master] Add CVE-2026-33210/ruby-json
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sat Mar 21 09:17:37 GMT 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
c8d3519e by Salvatore Bonaccorso at 2026-03-21T10:17:09+01:00
Add CVE-2026-33210/ruby-json
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -153,7 +153,9 @@ CVE-2026-33226 (Budibase is a low code platform for creating internal tools, wor
CVE-2026-33221 (Nhost is an open source Firebase alternative with GraphQL. Prior to ve ...)
NOT-FOR-US: Nhost
CVE-2026-33210 (Ruby JSON is a JSON implementation for Ruby. From version 2.14.0 to be ...)
- TODO: check
+ - ruby-json <unfixed>
+ NOTE: https://github.com/ruby/json/security/advisories/GHSA-3m6g-2423-7cp3
+ NOTE: Fixed by: https://github.com/ruby/json/commit/393b41c3e5f87491e1e34fa59fa78ff6fa179a74 (v2.19.2)
CVE-2026-33209 (Avo is a framework to create admin panels for Ruby on Rails apps. Prio ...)
TODO: check
CVE-2026-33204 (SimpleJWT is a simple JSON web token library written in PHP. Prior to ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c8d3519e0a7d8026acff96b1b19f4e96fb5ca880
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c8d3519e0a7d8026acff96b1b19f4e96fb5ca880
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260321/933e51d8/attachment.htm>
More information about the debian-security-tracker-commits
mailing list