Search for packages
| purl | pkg:maven/net.minidev/json-smart@2.5.1 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-9dt3-fcnc-j3hg
Aliases: CVE-2024-57699 GHSA-pq2g-wx69-c263 |
Netplex Json-smart Uncontrolled Recursion vulnerability A security issue was found in Netplex Json-smart 2.5.0 through 2.5.1. When loading a specially crafted JSON input, containing a large number of ’{’, a stack exhaustion can be trigger, which could allow an attacker to cause a Denial of Service (DoS). This issue exists because of an incomplete fix for CVE-2023-1370. The fixed version only addresses the default modes provided by [JSONParser](https://github.com/netplex/json-smart-v2/blob/master/json-smart/src/main/java/net/minidev/json/parser/JSONParser.java#L118), such as `MODE_RFC4627`. If you create the JSONParser manually or with custom options, make sure to set the `LIMIT_JSON_DEPTH` option. |
Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-16T23:19:59.251662+00:00 | GitLab Importer | Affected by | VCID-9dt3-fcnc-j3hg | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/net.minidev/json-smart/CVE-2024-57699.yml | 38.4.0 |
| 2026-04-12T00:38:52.579323+00:00 | GitLab Importer | Affected by | VCID-9dt3-fcnc-j3hg | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/net.minidev/json-smart/CVE-2024-57699.yml | 38.3.0 |
| 2026-04-03T00:46:50.542162+00:00 | GitLab Importer | Affected by | VCID-9dt3-fcnc-j3hg | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/net.minidev/json-smart/CVE-2024-57699.yml | 38.1.0 |