VYPR

ruby-json

by Debian

CVEs (1)

  • CVE-2026-54696Jul 3, 2026
    risk 0.00cvss epss

    Ruby JSON is a JSON implementation for Ruby. Versions 2.9.0 through 2.19.8 are vulnerable to heap buffer overflow when the JSON generator is provided with an oversized streamed object. When streaming to an IO JSON.dump(obj, io) and JSON::State#generate(obj, io) can write past…