Vulnerability Report: GO-2021-0265
- CVE-2021-42248, CVE-2021-42836, and 2 more
- Affects: github.com/tidwall/gjson
- Published: Aug 15, 2022
- Modified: May 20, 2024
A maliciously crafted path can cause Get and other query functions to consume excessive amounts of CPU and time.
Affected Packages
-
PathGo VersionsSymbols
-
before v1.9.3
5 affected symbols
Aliases
References
- https://github.com/tidwall/gjson/commit/77a57fda87dca6d0d7d4627d512a630f89a91c96
- https://github.com/tidwall/gjson/issues/237
- https://github.com/tidwall/gjson/issues/236
- https://github.com/tidwall/gjson/commit/590010fdac311cc8990ef5c97448d4fec8f29944
- https://vuln.go.dev/ID/GO-2021-0265.json
Feedback
See anything missing or incorrect?
Suggest an edit to this report.