VulnerableCode Package Details - pkg:maven/net.minidev/json-smart@2.4.0

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:maven/net.minidev/json-smart@2.4.0

Essentials
History (2)

purl	pkg:maven/net.minidev/json-smart@2.4.0
Tags	Ghost

Next non-vulnerable version	2.4.9
Latest non-vulnerable version	2.5.2
Risk	4.0

Vulnerabilities affecting this package (2)

Vulnerability	Summary	Fixed by
VCID-tdfp-krep-5ffe Aliases: CVE-2021-27568 GHSA-v528-7hrm-frqp	Improper Check for Unusual or Exceptional Conditions in json-smart An issue was discovered in netplex json-smart-v1 through 2015-10-23 and json-smart-v2 through 2.4. An exception is thrown from a function, but it is not caught, as demonstrated by NumberFormatException. When it is not caught, it may cause programs using the library to crash or expose sensitive information.	2.4.1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-wg6b-e8ts-w7ct Aliases: CVE-2021-31684 GHSA-fg2v-w576-w4v3	Out of bounds read in json-smart A vulnerability was discovered in the indexOf function of JSONParserByteArray in JSON Smart versions prior to 1.3.3 and 2.4.5 which causes a denial of service (DOS) via a crafted web request.	2.4.1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} 2.4.4 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}

Vulnerability

Summary

Fixed by

VCID-tdfp-krep-5ffe
Aliases:
CVE-2021-27568
GHSA-v528-7hrm-frqp

Improper Check for Unusual or Exceptional Conditions in json-smart An issue was discovered in netplex json-smart-v1 through 2015-10-23 and json-smart-v2 through 2.4. An exception is thrown from a function, but it is not caught, as demonstrated by NumberFormatException. When it is not caught, it may cause programs using the library to crash or expose sensitive information.

2.4.1
Affected by 1 other vulnerability.

VCID-wg6b-e8ts-w7ct
Aliases:
CVE-2021-31684
GHSA-fg2v-w576-w4v3

Out of bounds read in json-smart A vulnerability was discovered in the indexOf function of JSONParserByteArray in JSON Smart versions prior to 1.3.3 and 2.4.5 which causes a denial of service (DOS) via a crafted web request.

2.4.1
Affected by 1 other vulnerability.

2.4.4
Affected by 1 other vulnerability.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-02T16:57:30.210805+00:00	GHSA Importer	Affected by	VCID-tdfp-krep-5ffe	https://github.com/advisories/GHSA-v528-7hrm-frqp	38.1.0
2026-04-01T15:59:51.970644+00:00	GHSA Importer	Affected by	VCID-wg6b-e8ts-w7ct	https://github.com/advisories/GHSA-fg2v-w576-w4v3	38.0.0