2 matches found
CVE-2026-33210
CVE-2026-33210 concerns Ruby JSON, a JSON implementation for Ruby. The vulnerability exists in versions 2.14.0 to before 2.15.2.1, 2.17.1.2, and 2.19.2, where parsing with the option allow_duplicate_key: false can trigger a format-string injection, leading to denial of service or information disc...
CVE-2025-64498 Tuleap has a Cross-Site Request Forgery (CSRF) vulnerability
Tuleap is an Open Source Suite for management of software development and collaboration. Tuleap Community Edition versions below 17.0.99.1762444754 and Tuleap Enterprise Edition versions prior to 17.0-2, 16.13-7 and 16.12-10 allow attackers trick victims into changing tracker general settings. Th...