chore(deps): update module github.com/buger/jsonparser to v1.1.2 [security]

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
github.com/buger/jsonparser	v1.1.1 → v1.1.2

GitHub Vulnerability Alerts

GHSA-6g7g-w4f8-9c9x

The Delete function fails to properly validate offsets when processing malformed JSON input. This can lead to a negative slice index and a runtime panic, allowing a denial of service attack.

---

Denial of service in github.com/buger/jsonparser

GHSA-6g7g-w4f8-9c9x

More information

Details

The Delete function fails to properly validate offsets when processing malformed JSON input. This can lead to a negative slice index and a runtime panic, allowing a denial of service attack.

Severity

• CVSS Score: 7.5 / 10 (High)
• Vector String: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References

• https://github.com/buger/jsonparser/issues/275
• https://github.com/golang/vulndb/issues/4514
• https://github.com/buger/jsonparser/pull/276
• https://github.com/buger/jsonparser/commit/a69e7e01cd4ad67bdfd3ac2c080b9212af16f4b0
• https://cyber.securityinfinity.com/buger-jsonparser-negative-slice-panic-dos-2026
• https://github.com/buger/jsonparser
• https://github.com/buger/jsonparser/releases/tag/v1.1.2

This data is provided by OSV and the GitHub Advisory Database (CC-BY 4.0).

---

Release Notes

buger/jsonparser (github.com/buger/jsonparser)

v1.1.2

Compare Source

What's Changed

• Updated travis to build for 1.13 to 1.15 by @​janreggie in #​225
• • eliminate 2 allocations in EachKey() by @​Villenny in #​223
• fix issue #​150 (in deleting case) by @​daria-kay in #​226
• fixing the oss-fuzz issue by @​daria-kay in #​227
• Fix parseInt overflow check false negative by @​carsonip in #​231
• Added bespoke error for null cases by @​jonomacd in #​228
• Fuzzing: Add CIFuzz by @​AdamKorcz in #​239
• Added latest versions of go to tests by @​moredure in #​244
• fix EachKey pIdxFlags allocation by @​unxcepted in #​241
• fix: prevent panic on negative slice index in Delete with malformed JSON (GO-2026-4514) by @​dbarrosop in #​276

New Contributors

• @​janreggie made their first contribution in #​225
• @​Villenny made their first contribution in #​223
• @​daria-kay made their first contribution in #​226
• @​carsonip made their first contribution in #​231
• @​jonomacd made their first contribution in #​228
• @​moredure made their first contribution in #​244
• @​unxcepted made their first contribution in #​241
• @​dbarrosop made their first contribution in #​276

Full Changelog: buger/jsonparser@v1.1.1...v1.1.2

---

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[CLAassistant]

Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
_{You have signed the CLA already but the status is still pending? Let us recheck it.}

[CLAassistant]

Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
_{You have signed the CLA already but the status is still pending? Let us recheck it.}

[codecov-commenter]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 33.46%. Comparing base (ea99142) to head (8c05186).
⚠️ Report is 1 commits behind head on main.

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #1943      +/-   ##
==========================================
- Coverage   33.51%   33.46%   -0.05%     
==========================================
  Files          76       76              
  Lines        6726     6726              
==========================================
- Hits         2254     2251       -3     
- Misses       4293     4295       +2     
- Partials      179      180       +1     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.