CVE-2020-10675

Name of the Vulnerable Software and Affected Versions buger jsonparser versions through 2019-12-04

Description The issue allows attackers to cause a denial of service (infinite loop) via a Delete call. This can occur when parsing malformed JSON that contains opening brackets but not closing brackets, potentially leading to an infinite loop if operating on untrusted user input.

Recommendations For versions through 2019-12-04, as a temporary workaround, consider restricting the use of the Delete call in the Library API until a patch is available. Avoid parsing untrusted user input to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.