github.com/tidwall/gjson is vulnerable to Denial of service

🗓️ 18 May 2021 21:54:07Reported by GitHub Advisory DatabaseType

Vulnerability in gjson software for Denial of Service via crafted JSON

Reporter	Title	Published	Views	Family All 13
OSV	CVE-2020-36066	5 Jan 202121:15	–	osv
OSV	Denial of service via maliciously crafted JSON in github.com/tidwall/gjson	25 Aug 202206:28	–	osv
OSV	github.com/tidwall/gjson is vulnerable to Denial of service	18 May 202121:07	–	osv
NVD	CVE-2020-36066	5 Jan 202121:15	–	nvd
Veracode	Denial Of Service (DoS)	6 Jan 202105:52	–	veracode
Cvelist	CVE-2020-36066	5 Jan 202120:41	–	cvelist
Prion	Design/Logic Flaw	5 Jan 202121:15	–	prion
UbuntuCve	CVE-2020-36066	5 Jan 202100:00	–	ubuntucve
CVE	CVE-2020-36066	5 Jan 202121:15	–	cve
RedhatCVE	CVE-2020-36066	5 Feb 202515:09	–	redhatcve

Vulners

Node

tidwall gjsonRange<1.6.5

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2020-36066
github	www.github.com/tidwall/gjson/issues/195
github	www.github.com/tidwall/gjson/issues/195
github	www.github.com/tidwall/match/commit/c2f534168b739a7ec1821a33839fb2f029f26bbc
github	www.github.com/tidwall/gjson/commit/9f58baa7a613f89dfdc764c39e47fd3a15606153
pkg	www.pkg.go.dev/vuln/GO-2022-0957
github	www.github.com/advisories/GHSA-wjm3-fq3r-5x46

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

18 May 2021 21:07Current

7.2High risk

Vulners AI Score7.2

CVSS25

CVSS37.5

EPSS0.00087

CWE-400

github vulnerability json