79 matches found
CVE-2020-36066
GJSON 1.6.5 allows attackers to cause a denial of service remote via crafted JSON...
CVE-2020-36067
CVE-2020-36067 affects the GJSON package (tidwall/gjson), where versions
CVE-2020-36067
GJSON =v1.6.5 allows attackers to cause a denial of service panic: runtime error: slice bounds out of range via a crafted GET call...
CVE-2020-36067
GJSON =v1.6.5 allows attackers to cause a denial of service panic: runtime error: slice bounds out of range via a crafted GET call...
PT-2021-3192 · Gjson · Gjson
Name of the Vulnerable Software and Affected Versions: GJSON versions 1.6.5 and earlier GJSON version 1.6.5 Description: The issue allows attackers to cause a denial of service via a crafted GET call, resulting in a panic due to a runtime error, specifically a slice bounds out of range error. Thi...
PT-2021-3184 · Gjson · Gjson
Name of the Vulnerable Software and Affected Versions: GJSON versions prior to 1.6.5 Description: The issue is related to an uncontrolled resource consumption in the GJSON library, which can be exploited by a remote attacker using a specially crafted JSON request to cause a denial of service. A...
Tidwall Gjson 安全漏洞
GJSON is a Go package that provides a fast and easy way to get values from json documents. A denial of service vulnerability exists in GJSON versions prior to 1.6.5. An attacker can exploit this vulnerability to cause a denial of service via specially crafted JSON...
Tidwall Gjson 输入验证错误漏洞
GJSON is a Go package that provides a fast and easy way to get values from json documents. A denial of service vulnerability exists in GJSON 1.6.5 and earlier versions. An attacker can exploit this vulnerability to cause a denial of service via a specially crafted GET call...
CVE-2020-35380
GJSON before 1.6.4 allows attackers to cause a denial of service via crafted JSON...
DEBIAN-CVE-2020-35380
GJSON before 1.6.4 allows attackers to cause a denial of service via crafted JSON...
CVE-2020-35380
GJSON before 1.6.4 allows attackers to cause a denial of service via crafted JSON...
Design/Logic Flaw
GJSON before 1.6.4 allows attackers to cause a denial of service via crafted JSON...
UBUNTU-CVE-2020-35380
GJSON before 1.6.4 allows attackers to cause a denial of service via crafted JSON...
CVE-2020-35380
GJSON before 1.6.4 allows attackers to cause a denial of service via crafted JSON...
CVE-2020-35380
GJSON before 1.6.4 allows attackers to cause a denial of service via crafted JSON...
CVE-2020-35380
GJSON before 1.6.4 allows attackers to cause a denial of service via crafted JSON...
CVE-2020-35380
GJSON (tidwall/gjson) vulnerable to denial of service due to crafted JSON; root cause is improper bounds checking leading to a panic. Affected versions are before 1.6.4; patch is to upgrade to 1.6.4 or newer. Impact is DoS (service disruption) without explicit remote code execution details in the...
Tidwall Gjson Input Validation Error Vulnerability
Tidwall Gjson is a Go-based codebase for interacting with data in json format by Tidwall's individual developers. An input validation error vulnerability exists in GJSON before version 1.6.4. The vulnerability stems from a network system or product that does not properly validate input data, and...
CVE-2021-42248
CVE-2021-42248 is a duplicate of CVE-2021-42836. The connected document for CVE-2021-42836 describes a ReDoS vulnerability in the GJSON library (before version 1.9.3) where specially crafted JSON input can trigger a regular expression denial of service. Impact is denial of service; no product/ver...