| Release | Version |
|---|---|
| stretch | 1.6.2-1+deb9u2 |
| buster | 1.9.4-1 |
| bullseye | 1.11.0-1 |
| bookworm | 1.14.0-2 |
| trixie | 1.14.0-2 |
| sid | 1.14.0-2 |
| Bug | stretch | buster | bullseye | bookworm | trixie | sid | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-51774 | vulnerable | unknown | unknown | unknown | unknown | unknown | The json-jwt (aka JSON::JWT) gem 1.16.3 for Ruby sometimes allows bypa ... |
| CVE-2019-18848 | fixed | vulnerable (no DSA) | fixed | fixed | fixed | fixed | The json-jwt gem before 1.11.0 for Ruby lacks an element count during ... |
| Bug | Description |
|---|---|
| CVE-2018-1000539 | Nov json-jwt version >= 0.5.0 && < 1.9.4 contains a CWE-347: Improper ... |
| DSA / DLA | Description |
|---|---|
| DLA-2390-1 | ruby-json-jwt - security update |
| DSA-4283-1 | ruby-json-jwt - security update |