Lucene search
GoogleOSV:GHSA-C9GM-7RFJ-8W5HHistoryMay 25, 2022 - 12:00 a.m.
ReDoS via crafted JSON input in GJSON
2022-05-2500:00:38
Google
osv.dev
14
0.003 Low
EPSS
Percentile
68.8%
GJSON <= 1.9.2 allows attackers to cause a redos via crafted JSON input.
| CPE | Name | Operator | Version |
|---|---|---|---|
| github.com/tidwall/gjson | lt | 1.9.3 |
References
github.com/tidwall/gjson
github.com/tidwall/gjson/commit/590010fdac311cc8990ef5c97448d4fec8f29944
github.com/tidwall/gjson/commit/77a57fda87dca6d0d7d4627d512a630f89a91c96
github.com/tidwall/gjson/issues/236
github.com/tidwall/gjson/issues/237
nvd.nist.gov/vuln/detail/CVE-2021-42248
pkg.go.dev/vuln/GO-2021-0265
Related
osv
osv
github.com/tidwall/gjson Vulnerable to REDoS attack
2021-10-25 19:43:15
Denial of service via maliciously crafted path in github.com/tidwall/gjson
2022-08-15 18:06:07
CVE-2021-42836
2021-10-22 18:15:14
cve
cve
CVE-2021-42248
2022-05-24 15:15:07
CVE-2021-42836
2021-10-22 18:15:14
nvd
nvd
CVE-2021-42248
2022-05-24 15:15:07
CVE-2021-42836
2021-10-22 18:15:14
debiancve
debiancve
CVE-2021-42248
2022-05-24 15:15:07
CVE-2021-42836
2021-10-22 18:15:14
ubuntucve
ubuntucve
CVE-2021-42248
2022-05-24 00:00:00
CVE-2021-42836
2021-10-22 00:00:00
prion
prion
Input validation
2022-05-24 15:15:00
Design/Logic Flaw
2021-10-22 18:15:00
github
github
Duplicate Advisory: ReDoS via crafted JSON input in GJSON
2022-05-25 00:00:38
github.com/tidwall/gjson Vulnerable to REDoS attack
2021-10-25 19:43:15
cnvd
cnvd
Tidwall Gjson Denial of Service Vulnerability
2022-05-26 00:00:00
cvelist
cvelist
CVE-2021-42248
1976-01-01 00:00:00
CVE-2021-42836
2021-10-22 17:22:47
veracode
veracode
Denial Of Service (DoS)
2021-10-25 15:25:03
ibm
ibm
photon
photon
Important Photon OS Security Update - PHSA-2023-5.0-0041
2023-06-29 00:00:00