4 matches found
CVE-2021-42836
CVE-2021-42836 affects the GJSON library. The vulnerability is a ReDoS (regular expression denial of service) in GJSON before 1.9.3, triggered by crafted JSON input. The provided documents confirm the issue and reference the upstream fix path: upgrading from 1.9.2 to 1.9.3 or later. No exploit de...
CVE-2020-36066
The CVE-2020-36066 issue affects the Go package tidwall/gjson (versions earlier than 1.6.5). The vulnerability is a remote denial of service caused by processing a specially crafted JSON input, as described in the connected OSV/GHSA entries. No exploit details are provided in the documents, and t...
CVE-2020-35380
GJSON (tidwall/gjson) vulnerable to denial of service due to crafted JSON; root cause is improper bounds checking leading to a panic. Affected versions are before 1.6.4; patch is to upgrade to 1.6.4 or newer. Impact is DoS (service disruption) without explicit remote code execution details in the...
CVE-2020-36067
CVE-2020-36067 affects the GJSON package (tidwall/gjson), where versions