From 9834d70ed7862dcdbd66540bc65dc847e4086466 Mon Sep 17 00:00:00 2001
From: lena-larionova <54370747+lena-larionova@users.noreply.github.com>
Date: Fri, 13 Sep 2024 15:57:08 -0700
Subject: [PATCH] Update: 3.8 known issue for JSON threat protection plugin
 (#7924)

* 3.8 known issue for JSON threat protection plugin

* add the known issue to the plugin's own changelog
---
 app/_hub/kong-inc/json-threat-protection/_changelog.md | 7 +++++++
 app/gateway/changelog.md                               | 8 ++++++++
 2 files changed, 15 insertions(+)

diff --git a/app/_hub/kong-inc/json-threat-protection/_changelog.md b/app/_hub/kong-inc/json-threat-protection/_changelog.md
index d1f6592f7592..b058c43d1197 100644
--- a/app/_hub/kong-inc/json-threat-protection/_changelog.md
+++ b/app/_hub/kong-inc/json-threat-protection/_changelog.md
@@ -3,3 +3,10 @@
 ### {{site.base_gateway}} 3.8.0.0
 
 * Introduced the new **JSON Threat Protection** plugin.
+
+**Known issues**:
+*  In the [JSON Threat Protection plugin](/hub/kong-inc/json-threat-protection/configuration/), the default value of `-1`
+for any of the `max_*` parameters indicates unlimited.
+In some environments (such as ARM64-based environments), the default value is interpreted incorrectly.
+The plugin can erroneously block valid requests if any of the parameters continue with the default values.
+To mitigate this issue, configure the JSON Threat Protection plugin with limits for all of the `max_*` parameters.
diff --git a/app/gateway/changelog.md b/app/gateway/changelog.md
index 4e9880cc4491..cd551f8e77c5 100644
--- a/app/gateway/changelog.md
+++ b/app/gateway/changelog.md
@@ -539,6 +539,14 @@ to be set for the Kafka client.
   * Fixed a memory leak issue where the master nodes cache expanded infinitely upon refresh.
   * Fixed an issue where multiple cluster instances were accidentally flushed.
 
+### Known issues
+
+* In the [JSON Threat Protection plugin](/hub/kong-inc/json-threat-protection/configuration/), the default value of `-1`
+for any of the `max_*` parameters indicates unlimited.
+In some environments (such as ARM64-based environments), the default value is interpreted incorrectly.
+The plugin can erroneously block valid requests if any of the parameters continue with the default values.
+To mitigate this issue, configure the JSON Threat Protection plugin with limits for all of the `max_*` parameters.
+
 ## 3.7.1.2
 **Release Date** 2024/07/09