зеркало из https://github.com/golang/vulndb.git
27 строки
775 B
YAML
27 строки
775 B
YAML
modules:
|
|
- module: github.com/tidwall/gjson
|
|
versions:
|
|
- fixed: 1.6.5
|
|
vulnerable_at: 1.6.4
|
|
packages:
|
|
- package: github.com/tidwall/gjson
|
|
symbols:
|
|
- parseObject
|
|
- queryMatches
|
|
derived_symbols:
|
|
- Get
|
|
- GetBytes
|
|
- GetMany
|
|
- GetManyBytes
|
|
- Result.Get
|
|
description: A maliciously crafted JSON input can cause a denial of service attack.
|
|
published: 2022-08-25T06:28:20Z
|
|
cves:
|
|
- CVE-2020-36066
|
|
ghsas:
|
|
- GHSA-wjm3-fq3r-5x46
|
|
references:
|
|
- fix: https://github.com/tidwall/match/commit/c2f534168b739a7ec1821a33839fb2f029f26bbc
|
|
- web: https://github.com/tidwall/gjson/commit/9f58baa7a613f89dfdc764c39e47fd3a15606153
|
|
- web: https://github.com/tidwall/gjson/issues/195
|