Skip to content

Commit dea920c

Browse files
1 parent 6e108ea commit dea920c

1 file changed

Lines changed: 39 additions & 4 deletions

File tree

advisories/github-reviewed/2026/05/GHSA-c32j-vqhx-rx3x/GHSA-c32j-vqhx-rx3x.json

Lines changed: 39 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-c32j-vqhx-rx3x",
4-
"modified": "2026-05-18T17:24:55Z",
4+
"modified": "2026-06-02T22:12:50Z",
55
"published": "2026-05-18T17:24:55Z",
66
"aliases": [
77
"CVE-2026-45363"
@@ -25,21 +25,44 @@
2525
"type": "ECOSYSTEM",
2626
"events": [
2727
{
28-
"introduced": "0"
28+
"introduced": "3.0.0"
2929
},
3030
{
3131
"fixed": "3.2.0"
3232
}
3333
]
3434
}
3535
]
36+
},
37+
{
38+
"package": {
39+
"ecosystem": "RubyGems",
40+
"name": "jwt"
41+
},
42+
"ranges": [
43+
{
44+
"type": "ECOSYSTEM",
45+
"events": [
46+
{
47+
"introduced": "0"
48+
},
49+
{
50+
"fixed": "2.10.3"
51+
}
52+
]
53+
}
54+
]
3655
}
3756
],
3857
"references": [
3958
{
4059
"type": "WEB",
4160
"url": "https://github.com/jwt/ruby-jwt/security/advisories/GHSA-c32j-vqhx-rx3x"
4261
},
62+
{
63+
"type": "WEB",
64+
"url": "https://github.com/jwt/ruby-jwt/issues/724"
65+
},
4366
{
4467
"type": "WEB",
4568
"url": "https://github.com/jwt/ruby-jwt/commit/db560b769a07bd9724e77ff505011ac01872106f"
@@ -48,16 +71,28 @@
4871
"type": "PACKAGE",
4972
"url": "https://github.com/jwt/ruby-jwt"
5073
},
74+
{
75+
"type": "WEB",
76+
"url": "https://github.com/jwt/ruby-jwt/releases/tag/v2.10.3"
77+
},
5178
{
5279
"type": "WEB",
5380
"url": "https://github.com/jwt/ruby-jwt/releases/tag/v3.2.0"
81+
},
82+
{
83+
"type": "WEB",
84+
"url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/jwt/CVE-2026-45363.yml"
85+
},
86+
{
87+
"type": "WEB",
88+
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45363"
5489
}
5590
],
5691
"database_specific": {
5792
"cwe_ids": [
58-
"CWE-1391",
5993
"CWE-287",
60-
"CWE-326"
94+
"CWE-326",
95+
"CWE-1391"
6196
],
6297
"severity": "HIGH",
6398
"github_reviewed": true,

0 commit comments

Comments
 (0)