net.minidev:json-smart

Maven4 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting net.minidev:json-smartpage 1 of 1

CVE-2021-27568MEDIUMCVSS 5.9EG 5.9✓ Fixed in 2.3.1
2021-02-23
vulnerable: 2.0 ... 2.3 (6 versions)
An issue was discovered in netplex json-smart-v1 through 2015-10-23 and json-smart-v2 through 2.4. An exception is thrown from a function, but it is not caught, as demonstrated by NumberFormatException. When it is not caught, it may cause …
CVE-2021-31684HIGHCVSS 7.5EG 7.5✓ Fixed in 2.4.4
2021-06-01
vulnerable: 2.4.1, 2.4.2
A vulnerability was discovered in the indexOf function of JSONParserByteArray in JSON Smart versions 1.3 and 2.4 which causes a denial of service (DOS) via a crafted web request.
CVE-2023-1370HIGHCVSS 7.5EG 7.5✓ Fixed in 2.4.9
2023-03-22
vulnerable: 1.0.6.3 ... 2.4.8 (28 versions)
[Json-smart](https://netplex.github.io/json-smart/) is a performance focused, JSON processor lib. When reaching a ‘[‘ or ‘{‘ character in the JSON input, the code parses an array or an object respectively. It was discovered that …
CVE-2024-57699HIGHCVSS 7.5EG 7.5✓ Fixed in 2.5.2
2025-02-05
vulnerable: 2.5.0, 2.5.1
A security issue was found in Netplex Json-smart 2.5.0 through 2.5.1. When loading a specially crafted JSON input, containing a large number of ’{’, a stack exhaustion can be trigger, which could allow an attacker to cause a Denial of …

Check whether net.minidev:json-smart is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for net.minidev:json-smart CVEs against the assets you own.

Start Free Scan →