—
GO-2026-4514
Denial of service in github.com/buger/jsonparser
Details
The Delete function fails to properly validate offsets when processing malformed JSON input. This can lead to a negative slice index and a runtime panic, allowing a denial of service attack.
Are you affected?
Enter the version of the package you're using.
Affected packages
Go / github.com/buger/jsonparser
Introduced in:
0 Fixed in: 1.1.2 Fix
go get github.com/buger/jsonparser@v1.1.2