VYPR

Go modules package

github.com/buger/jsonparser

pkg:golang/github.com/buger/jsonparser

Vulnerabilities (3)

  • CVE-2026-32285HigMar 26, 2026
    affected < 1.1.2fixed 1.1.2

    The Delete function fails to properly validate offsets when processing malformed JSON input. This can lead to a negative slice index and a runtime panic, allowing a denial of service attack.

  • CVE-2020-35381Dec 15, 2020
    affected < 1.1.1fixed 1.1.1

    jsonparser 1.0.0 allows attackers to cause a denial of service (panic: runtime error: slice bounds out of range) via a GET call.

  • CVE-2020-10675Mar 19, 2020
    affected < 1.0.0fixed 1.0.0

    The Library API in buger jsonparser through 2019-12-04 allows attackers to cause a denial of service (infinite loop) via a Delete call.