High severityNVD Advisory· Published Mar 19, 2020· Updated Aug 4, 2024
CVE-2020-10675
CVE-2020-10675
Description
The Library API in buger jsonparser through 2019-12-04 allows attackers to cause a denial of service (infinite loop) via a Delete call.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
github.com/buger/jsonparserGo | < 1.0.0 | 1.0.0 |
Affected products
2- buger/jsonparserdescription
Patches
Vulnerability mechanics
References
10- github.com/advisories/GHSA-rmh2-65xw-9m6qghsaADVISORY
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4C7PV6KEUUM76V4B2J5IFN2U6LEOWB67/mitrevendor-advisoryx_refsource_FEDORA
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6KUHKDQSEYJNROA66OMN6AAQMGAAN6WI/mitrevendor-advisoryx_refsource_FEDORA
- nvd.nist.gov/vuln/detail/CVE-2020-10675ghsaADVISORY
- github.com/buger/jsonparser/commit/91ac96899e492584984ded0c8f9a08f10b473717ghsaWEB
- github.com/buger/jsonparser/issues/188ghsax_refsource_MISCWEB
- github.com/buger/jsonparser/pull/192ghsaWEB
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4C7PV6KEUUM76V4B2J5IFN2U6LEOWB67ghsaWEB
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6KUHKDQSEYJNROA66OMN6AAQMGAAN6WIghsaWEB
- pkg.go.dev/vuln/GO-2021-0089ghsaWEB
News mentions
0No linked articles in our index yet.