buger/jsonparser

buger/jsonparser

Releases5

Frequency1 year 5 months

Last Release about 1 month ago

Stars5.63K

One of the fastest alternative JSON parser for Go that does not require schema

Log in to subscribe

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2026-32285 ↗	Mar 26, 2026Thursday, 26 March 2026, 20:16	7.5 HIGH	—
The Delete function fails to properly validate offsets when processing malformed JSON input. This can lead to a negative slice index and a runtime panic, allowing a denial of service attack.
CVE-2020-35381 ↗	Dec 15, 2020Tuesday, 15 December 2020, 21:15	7.5 HIGH	7.8 HIGH
jsonparser 1.0.0 allows attackers to cause a denial of service (panic: runtime error: slice bounds out of range) via a GET call.
CVE-2020-10675 ↗	Mar 19, 2020Thursday, 19 March 2020, 14:15	7.5 HIGH	5 MEDIUM
The Library API in buger jsonparser through 2019-12-04 allows attackers to cause a denial of service (infinite loop) via a Delete call.