CVE-2020-35380

HIGH7.5EPSS 0.47%

Panic due to improper input validation in Get in github.com/tidwall/gjson

發布日:2021/6/23修改日:2026/4/28

描述

GJSON before 1.6.4 allows attackers to cause a denial of service via crafted JSON.

受影響套件(3)

Debian/golang-github-tidwall-gjsonfrom 0, < 1.6.7-1
Go/github.com/tidwall/gjsonfrom 0, < 1.6.4
Go/github.com/tidwall/gjsonfrom 0, < 1.6.4

CVSS 分數

來源	版本	嚴重程度	向量
osv	CVSS 3.1	HIGH7.5	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

參考連結(6)