CVE-2020-36067

Improper Validation of Array Index in go/github.com/tidwall/gjson

Identifier

CVE-2020-36067

Package Slug

go/github.com/tidwall/gjson

Vulnerability

Improper Validation of Array Index

Description

GJSON allows attackers to cause a denial of service (panic: runtime error: slice bounds out of range) via a crafted GET call.

Affected Versions

All versions up to 1.6.5

Solution

Upgrade to version 1.6.6 or above.

Last Modified

2021-01-12

source