blob: 566fca6ceb4949b4045c264709133ecdbab6d850 [file] [log] [blame]
module: github.com/tidwall/gjson
versions:
- fixed: v1.6.6
description: |
Due to improper bounds checking, maliciously crafted JSON objects
can cause an out-of-bounds panic. If parsing user input, this may
be used as a denial of service vector.
published: 2021-04-14T12:00:00Z
cve: CVE-2020-36067
credit: "@toptotu"
symbols:
- unwrap
links:
commit: https://github.com/tidwall/gjson/commit/bf4efcb3c18d1825b2988603dea5909140a5302b
context:
- https://github.com/tidwall/gjson/issues/196