ByteOS Network

jsonparser

Source -

NVD

CNA CVEs -

ADP CVEs -

CISA CVEs -

NVD CVEs -

3Vulnerabilities found

CVE-2026-32285

Assigner-Go Project

View Details

Assigner-Go Project

CVSS Score-7.5||HIGH

EPSS-0.02% / 5.90%

7 Day CHG-0.04%

Published-26 Mar, 2026 | 19:40

Updated-21 Apr, 2026 | 15:42

Denial of service in github.com/buger/jsonparser

The Delete function fails to properly validate offsets when processing malformed JSON input. This can lead to a negative slice index and a runtime panic, allowing a denial of service attack.

Vendor-jsonparser_project github.com/buger/jsonparser

Product-jsonparser github.com/buger/jsonparser

CWE ID-CWE-129

Improper Validation of Array Index

CVE-2020-35381

Assigner-MITRE Corporation

View Details

Assigner-MITRE Corporation

CVSS Score-7.5||HIGH

EPSS-0.24% / 47.37%

7 Day CHG~0.00%

Published-15 Dec, 2020 | 20:14

Updated-04 Aug, 2024 | 17:02

jsonparser 1.0.0 allows attackers to cause a denial of service (panic: runtime error: slice bounds out of range) via a GET call.

Vendor-jsonparser_project n/a Fedora Project

Product-fedora jsonparser n/a

CVE-2020-10675

Assigner-MITRE Corporation

View Details

Assigner-MITRE Corporation

CVSS Score-7.5||HIGH

EPSS-0.27% / 50.81%

7 Day CHG~0.00%

Published-19 Mar, 2020 | 13:27

Updated-04 Aug, 2024 | 11:06

The Library API in buger jsonparser through 2019-12-04 allows attackers to cause a denial of service (infinite loop) via a Delete call.

Vendor-jsonparser_project n/a Fedora Project

Product-fedora jsonparser n/a

CWE ID-CWE-835

Loop with Unreachable Exit Condition ('Infinite Loop')