Github Com Buger Jsonparser
Monthly
The jsonparser library for Go fails to validate slice offsets when processing malformed JSON, enabling remote denial of service through crafted input that triggers negative array indices and runtime panics. The GitHub buger/jsonparser project across all versions is affected. Attackers can send specially crafted JSON payloads to applications using vulnerable versions, causing immediate service termination without requiring authentication or user interaction.
The jsonparser library for Go fails to validate slice offsets when processing malformed JSON, enabling remote denial of service through crafted input that triggers negative array indices and runtime panics. The GitHub buger/jsonparser project across all versions is affected. Attackers can send specially crafted JSON payloads to applications using vulnerable versions, causing immediate service termination without requiring authentication or user interaction.