Lucene search

K
osvGoogleOSV:GO-2021-0076
HistoryApr 14, 2021 - 8:04 p.m.

Out-of-bounds write in github.com/evanphx/json-patch

2021-04-1420:04:52
Google
osv.dev
17
malicious json patch
panic
out-of-bounds
denial of service
arbitrary user input
github

AI Score

7.4

Confidence

High

EPSS

0.002

Percentile

54.1%

A malicious JSON patch can cause a panic due to an out-of-bounds write attempt. This can be used as a denial of service vector if exposed to arbitrary user input.

AI Score

7.4

Confidence

High

EPSS

0.002

Percentile

54.1%