upgrade gjson to v1.9.3 to address CVE-2021-42836 (#928)
CVE-2021-42836 moderate severity Vulnerable versions: < 1.9.3 Patched version: 1.9.3 GJSON before 1.9.3 allows a ReDoS (regular expression denial of service) attack.
Showing
... | ... | @@ -56,6 +56,7 @@ require ( |
github.com/shirou/gopsutil v3.21.3+incompatible // indirect | ||
github.com/sirupsen/logrus v1.7.0 | ||
github.com/tencentyun/cos-go-sdk-v5 v0.7.8 | ||
github.com/tidwall/gjson v1.9.3 // indirect | ||
github.com/tikv/client-go/v2 v2.0.0-alpha.0.20210709052506-aadf3cf62721 | ||
github.com/tklauser/go-sysconf v0.3.6 // indirect | ||
github.com/upyun/go-sdk/v3 v3.0.2 | ||
... | ... |
想要评论请 注册 或 登录