VulnerableCode Package Details - pkg:maven/net.minidev/json-smart@2.5.2

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-9dt3-fcnc-j3hg	Netplex Json-smart Uncontrolled Recursion vulnerability A security issue was found in Netplex Json-smart 2.5.0 through 2.5.1. When loading a specially crafted JSON input, containing a large number of ’{’, a stack exhaustion can be trigger, which could allow an attacker to cause a Denial of Service (DoS). This issue exists because of an incomplete fix for CVE-2023-1370. The fixed version only addresses the default modes provided by [JSONParser](https://github.com/netplex/json-smart-v2/blob/master/json-smart/src/main/java/net/minidev/json/parser/JSONParser.java#L118), such as `MODE_RFC4627`. If you create the JSONParser manually or with custom options, make sure to set the `LIMIT_JSON_DEPTH` option.	CVE-2024-57699 GHSA-pq2g-wx69-c263

Vulnerability

Summary

Aliases

VCID-9dt3-fcnc-j3hg

Netplex Json-smart Uncontrolled Recursion vulnerability A security issue was found in Netplex Json-smart 2.5.0 through 2.5.1. When loading a specially crafted JSON input, containing a large number of ’{’, a stack exhaustion can be trigger, which could allow an attacker to cause a Denial of Service (DoS). This issue exists because of an incomplete fix for CVE-2023-1370. The fixed version only addresses the default modes provided by [JSONParser](https://github.com/netplex/json-smart-v2/blob/master/json-smart/src/main/java/net/minidev/json/parser/JSONParser.java#L118), such as `MODE_RFC4627`. If you create the JSONParser manually or with custom options, make sure to set the `LIMIT_JSON_DEPTH` option.

CVE-2024-57699
GHSA-pq2g-wx69-c263

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T23:19:59.254788+00:00	GitLab Importer	Fixing	VCID-9dt3-fcnc-j3hg	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/net.minidev/json-smart/CVE-2024-57699.yml	38.4.0
2026-04-12T00:38:52.583147+00:00	GitLab Importer	Fixing	VCID-9dt3-fcnc-j3hg	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/net.minidev/json-smart/CVE-2024-57699.yml	38.3.0
2026-04-07T04:56:57.346268+00:00	GHSA Importer	Fixing	VCID-9dt3-fcnc-j3hg	https://github.com/advisories/GHSA-pq2g-wx69-c263	38.1.0
2026-04-03T00:46:50.545779+00:00	GitLab Importer	Fixing	VCID-9dt3-fcnc-j3hg	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/net.minidev/json-smart/CVE-2024-57699.yml	38.1.0
2026-04-02T12:40:46.945245+00:00	GitLab Importer	Fixing	VCID-9dt3-fcnc-j3hg	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/net.minidev/json-smart/CVE-2024-57699.yml	38.0.0
2026-04-01T12:55:40.941281+00:00	GithubOSV Importer	Fixing	VCID-9dt3-fcnc-j3hg	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2025/02/GHSA-pq2g-wx69-c263/GHSA-pq2g-wx69-c263.json	38.0.0