reports/GO-2021-0076.toml - vuln - Git at Google

 module = "github.com/evanphx/json-patch"

 description = """
 A malicious JSON patch can cause a panic due to an out-of-bounds
 write attempt. This can be used as a denial of service vector if
 exposed to arbitary user input.
 """

 cve = "CVE-2018-14632"

 symbols = ["partialArray.add"]

 published = "2021-04-14T12:00:00Z"

 [[versions]]
 fixed = "v0.5.2"

 [links]
 commit = "https://github.com/evanphx/json-patch/commit/4c9aadca8f89e349c999f04e28199e96e81aba03"
 pr = "https://github.com/evanphx/json-patch/pull/57"
	module = "github.com/evanphx/json-patch"

	description = """
	A malicious JSON patch can cause a panic due to an out-of-bounds
	write attempt. This can be used as a denial of service vector if
	exposed to arbitary user input.
	"""

	cve = "CVE-2018-14632"

	symbols = ["partialArray.add"]

	published = "2021-04-14T12:00:00Z"

	[[versions]]
	fixed = "v0.5.2"

	[links]
	commit = "https://github.com/evanphx/json-patch/commit/4c9aadca8f89e349c999f04e28199e96e81aba03"
	pr = "https://github.com/evanphx/json-patch/pull/57"