VIR Vulnerability Intelligence Relay

Package impact

golang Go / github.com/tidwall/gjson

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2020-36067 unknown 3y ago GJSON <=v1.6.5 allows attackers to cause a denial of service (panic: runtime error: slice bounds out of range) via a crafted GET call.
CVE-2021-42248 unknown 4y ago Denial of service via maliciously crafted path in github.com/tidwall/gjson
CVE-2021-42836 unknown 4y ago GJSON before 1.9.3 allows a ReDoS (regular expression denial of service) attack.
CVE-2020-35380 unknown 5y ago GJSON before 1.6.4 allows attackers to cause a denial of service via crafted JSON.
CVE-2020-36066 unknown 5y ago GJSON <1.6.5 allows attackers to cause a denial of service (remote) via crafted JSON.