VDB

DEBIAN-CVE-2026-32285

DEBIAN-CVE-2026-32285 PUBLISHED CVSS 7.5 HIGH

The Delete function fails to properly validate offsets when processing malformed JSON input. This can lead to a negative slice index and a runtime panic, allowing a denial of service attack.

Risk Scores

CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products

VendorProductVersions
Debian:11golang-github-buger-jsonparser1.1.1-1, 1.1.2-1, 0
Debian:14golang-github-buger-jsonparser0, 1.1.1-2, 0
Debian:13golang-github-buger-jsonparser1.1.2-1, 1.1.1-2, 0
Debian:12golang-github-buger-jsonparser0, 1.1.1-2, 1.1.2-1

Exploit Intelligence

Timeline

  • Mar 26, 2026 CVE Published
  • Apr 28, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›