The Library API in buger jsonparser through 2019-12-04 allows attackers to cause a denial of service (infinite loop) via a Delete call.
{ "nvd_published_at": "2020-03-19T14:15:00Z", "cwe_ids": [ "CWE-835" ], "severity": "HIGH", "github_reviewed": true, "github_reviewed_at": "2021-05-04T21:51:17Z" }