Gjson Project Gjson vulnerabilities
4 known vulnerabilities affecting gjson_project/gjson.
Total CVEs
4
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH4
Vulnerabilities
Page 1 of 1
CVE-2021-42836HIGHCVSS 7.5fixed in 1.9.32021-10-22
CVE-2021-42836 [HIGH] CWE-400 CVE-2021-42836: GJSON before 1.9.3 allows a ReDoS (regular expression denial of service) attack.
GJSON before 1.9.3 allows a ReDoS (regular expression denial of service) attack.
nvd
CVE-2020-36066HIGHCVSS 7.5fixed in 1.6.52021-01-05
CVE-2020-36066 [HIGH] CVE-2020-36066: GJSON <1.6.5 allows attackers to cause a denial of service (remote) via crafted JSON.
GJSON <1.6.5 allows attackers to cause a denial of service (remote) via crafted JSON.
nvd
CVE-2020-36067HIGHCVSS 7.5≤ 1.6.52021-01-05
CVE-2020-36067 [HIGH] CWE-129 CVE-2020-36067: GJSON <=v1.6.5 allows attackers to cause a denial of service (panic: runtime error: slice bounds out
GJSON <=v1.6.5 allows attackers to cause a denial of service (panic: runtime error: slice bounds out of range) via a crafted GET call.
nvd
CVE-2020-35380HIGHCVSS 7.5fixed in 1.6.42020-12-15
CVE-2020-35380 [HIGH] CVE-2020-35380: GJSON before 1.6.4 allows attackers to cause a denial of service via crafted JSON.
GJSON before 1.6.4 allows attackers to cause a denial of service via crafted JSON.
nvd