blob: 0c57920d4c7a73acc66c3f510f3415421f3f64de [file] [log] [blame]
module: github.com/tidwall/gjson
versions:
- fixed: v1.6.4
description: |
Due to improper bounds checking, maliciously crafted JSON objects
can cause an out-of-bounds panic. If parsing user input, this may
be used as a denial of service vector.
published: 2021-04-14T12:00:00Z
cve: CVE-2020-35380
credit: "@toptotu"
symbols:
- sqaush
links:
commit: https://github.com/tidwall/gjson/commit/f0ee9ebde4b619767ae4ac03e8e42addb530f6bc
context:
- https://github.com/tidwall/gjson/issues/192