High severityNVD Advisory· Published Dec 15, 2020· Updated Aug 4, 2024
CVE-2020-35381
CVE-2020-35381
Description
jsonparser 1.0.0 allows attackers to cause a denial of service (panic: runtime error: slice bounds out of range) via a GET call.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
github.com/buger/jsonparserGo | < 1.1.1 | 1.1.1 |
Affected products
2- jsonparser/jsonparserdescription
Patches
Vulnerability mechanics
References
10- github.com/advisories/GHSA-8vrw-m3j9-j27cghsaADVISORY
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/27EA7OGCELV7QFAGVIHODHWKMKGFVIUZ/mitrevendor-advisoryx_refsource_FEDORA
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LJO5N7YTDEUSTKYTNA372CE6VHCZJWUG/mitrevendor-advisoryx_refsource_FEDORA
- nvd.nist.gov/vuln/detail/CVE-2020-35381ghsaADVISORY
- github.com/buger/jsonparser/commit/df3ea76ece10095374fd1c9a22a4fb85a44efc42ghsaWEB
- github.com/buger/jsonparser/issues/219ghsax_refsource_MISCWEB
- github.com/buger/jsonparser/pull/221ghsaWEB
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/27EA7OGCELV7QFAGVIHODHWKMKGFVIUZghsaWEB
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LJO5N7YTDEUSTKYTNA372CE6VHCZJWUGghsaWEB
- pkg.go.dev/vuln/GO-2021-0057ghsaWEB
News mentions
0No linked articles in our index yet.