View all vulnerabilities

CVE-2021-31684

Out of bounds read in json-smart

A vulnerability was discovered in the indexOf function of JSONParserByteArray in JSON Smart versions prior to 1.3.3 and 2.4.5 which causes a denial of service (DOS) via a crafted web request.

Patch Available

Fix available through Seal Security. No upgrade required, protect your application instantly.

Fix without upgrading
Vulnerability Details
Score
7.5
Score Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Versions
net.minidev:json-smart >= 1.3.0 < 1.3.3; net.minidev:json-smart >= 2.4.0 < 2.4.4
Severity
High
Ecosystem
Publish Date
February 10, 2022
Modified Date
June 24, 2024