Am 5. Juli 2023 04:52:48 UTC schrieb Anton Gladky <gladk@debian.org>: >Hello, > >I am looking into CVE-2023-33460 and I am not sure that ruby-yajl >is affected. There is no direct dependency on yajl, where the vulnerability >was detected. > >Should ruby-yajl be unmarked as affected by this CVE? > >Thank you > >Anton this matches my analysis: rubi-yajl is not affected