VYPR

Go modules package

github.com/tidwall/gjson

pkg:golang/github.com/tidwall/gjson

Vulnerabilities (4)

  • CVE-2021-42836Oct 22, 2021
    affected < 1.9.3fixed 1.9.3

    GJSON before 1.9.3 allows a ReDoS (regular expression denial of service) attack.

  • CVE-2020-36066Jan 5, 2021
    affected < 1.6.5fixed 1.6.5

    GJSON <1.6.5 allows attackers to cause a denial of service (remote) via crafted JSON.

  • CVE-2020-36067Jan 5, 2021
    affected < 1.6.6fixed 1.6.6

    GJSON <=v1.6.5 allows attackers to cause a denial of service (panic: runtime error: slice bounds out of range) via a crafted GET call.

  • CVE-2020-35380Dec 15, 2020
    affected < 1.6.4fixed 1.6.4

    GJSON before 1.6.4 allows attackers to cause a denial of service via crafted JSON.