GHSA-6g7g-w4f8-9c9x

ADVISORY - github

Summary

The Delete function fails to properly validate offsets when processing malformed JSON input. This can lead to a negative slice index and a runtime panic, allowing a denial of service attack.

Common Weakness Enumeration (CWE)

ADVISORY - github

CWE-125⁠

Out-of-bounds Read

Impacted images

Advisories

GitHub

CREATED

6 hours ago

UPDATED

6 hours ago

ADVISORY IDGHSA-6g7g-w4f8-9c9x⁠

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-125⁠

CVSS SCORE

7.5high