VulnerableCode Package Details - pkg:maven/net.minidev/json-smart@2.4

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:maven/net.minidev/json-smart@2.4

Essentials
History (2)

purl	pkg:maven/net.minidev/json-smart@2.4
Tags	Ghost

Next non-vulnerable version	2.4.9
Latest non-vulnerable version	2.5.2
Risk	4.0

Vulnerabilities affecting this package (2)

Vulnerability	Summary	Fixed by
VCID-tdfp-krep-5ffe Aliases: CVE-2021-27568 GHSA-v528-7hrm-frqp	Improper Check for Unusual or Exceptional Conditions in json-smart An issue was discovered in netplex json-smart-v1 through 2015-10-23 and json-smart-v2 through 2.4. An exception is thrown from a function, but it is not caught, as demonstrated by NumberFormatException. When it is not caught, it may cause programs using the library to crash or expose sensitive information.	2.4.1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-wg6b-e8ts-w7ct Aliases: CVE-2021-31684 GHSA-fg2v-w576-w4v3	Out of bounds read in json-smart A vulnerability was discovered in the indexOf function of JSONParserByteArray in JSON Smart versions prior to 1.3.3 and 2.4.5 which causes a denial of service (DOS) via a crafted web request.	2.4.1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} 2.4.4 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}

Vulnerability

Summary

Fixed by

VCID-tdfp-krep-5ffe
Aliases:
CVE-2021-27568
GHSA-v528-7hrm-frqp

Improper Check for Unusual or Exceptional Conditions in json-smart An issue was discovered in netplex json-smart-v1 through 2015-10-23 and json-smart-v2 through 2.4. An exception is thrown from a function, but it is not caught, as demonstrated by NumberFormatException. When it is not caught, it may cause programs using the library to crash or expose sensitive information.

2.4.1
Affected by 1 other vulnerability.

VCID-wg6b-e8ts-w7ct
Aliases:
CVE-2021-31684
GHSA-fg2v-w576-w4v3

Out of bounds read in json-smart A vulnerability was discovered in the indexOf function of JSONParserByteArray in JSON Smart versions prior to 1.3.3 and 2.4.5 which causes a denial of service (DOS) via a crafted web request.

2.4.1
Affected by 1 other vulnerability.

2.4.4
Affected by 1 other vulnerability.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-02T12:38:57.705783+00:00	GitLab Importer	Affected by	VCID-wg6b-e8ts-w7ct	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/net.minidev/json-smart/CVE-2021-31684.yml	38.0.0
2026-04-02T12:37:58.457595+00:00	GitLab Importer	Affected by	VCID-tdfp-krep-5ffe	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/net.minidev/json-smart/CVE-2021-27568.yml	38.0.0