[🐸 Frogbot] Update version of github.com/buger/jsonparser to 1.1.2 by github-actions[bot] · Pull Request #1260 · jfrog/frogbot

github-actions · 2026-03-25T16:15:11Z

Severity	ID	Contextual Analysis	Direct Dependencies	Impacted Dependency	Fixed Versions
High	-	Not Covered	github.com/jfrog/jfrog-cli-security:v1.26.3 github.com/buger/jsonparser:v1.1.1 github.com/jfrog/jfrog-cli-artifactory:v0.8.1-0.20260227101327-7478579b5f25 github.com/jfrog/build-info-go:v1.13.1-0.20260216093441-40a4dc563294 github.com/jfrog/jfrog-cli-core/v2:v2.60.1-0.20260218080258-3bf55ed18973 github.com/jfrog/jfrog-client-go:v1.55.1-0.20260225080504-17057750d47b	github.com/buger/jsonparser v1.1.1	[1.1.2]


Contextual Analysis:	Not Covered
Direct Dependencies:	github.com/jfrog/jfrog-cli-security:v1.26.3, github.com/buger/jsonparser:v1.1.1, github.com/jfrog/jfrog-cli-artifactory:v0.8.1-0.20260227101327-7478579b5f25, github.com/jfrog/build-info-go:v1.13.1-0.20260216093441-40a4dc563294, github.com/jfrog/jfrog-cli-core/v2:v2.60.1-0.20260218080258-3bf55ed18973, github.com/jfrog/jfrog-client-go:v1.55.1-0.20260225080504-17057750d47b
Impacted Dependency:	github.com/buger/jsonparser:v1.1.1
Fixed Versions:	[1.1.2]
CVSS V3:	7.5

Denial of service in github.com/buger/jsonparser

Upgrade github.com/buger/jsonparser to 1.1.2

ba7eb44

Provide feedback