CVE-2026-33210HIGHCVSS 8.3≥ 2.14.0, < 2.15.2.1·≥ 2.16.0, < 2.17.1.2+1 more2026-03-20
CVE-2026-33210 [HIGH] CWE-134 CVE-2026-33210: Ruby JSON is a JSON implementation for Ruby. From version 2.14.0 to before versions 2.15.2.1, 2.17.1
Ruby JSON is a JSON implementation for Ruby. From version 2.14.0 to before versions 2.15.2.1, 2.17.1.2, and 2.19.2, a format string injection vulnerability can lead to denial of service attacks or information disclosure, when the allow_duplicate_key: false parsing option is used to parse user supplied documents. This issue has been patched in versions
nvd