These are all security issues fixed in the ruby2.7-rubygem-json_pure-2.5.1-1.4 package on the GA media of openSUSE Tumbleweed.