CVE-2021-31684

CVE-2021-31684

A vulnerability was discovered in the indexOf function of JSONParserByteArray in JSON Smart versions 1.3 and 2.4 which causes a denial of service (DOS) via a crafted web request.

Published Jun 2, 2021

Issue #10 PR #11 Issue #67 PR #68

CVSS ScoreHigh

7.5

Vulnerabilities

CVE-2021-31684

A vulnerability was discovered in the indexOf function of JSONParserByteArray in JSON Smart versions 1.3 and 2.4 which causes a denial of service (DOS) via a crafted web request.

Published Jun 2, 2021

Issue #10 PR #11 Issue #67 PR #68

CVSS ScoreHigh

7.5

CVE-2021-31684 Security Details

CVE ID: CVE-2021-31684
CWE: CWE-787
CVE Description: A vulnerability was discovered in the indexOf function of JSONParserByteArray in JSON Smart versions 1.3 and 2.4 which causes a denial of service (DOS) via a crafted web request.
Published: Jun 2, 2021
CVSS Score & Severity: 7.5High
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score: 0.108%
Malware: malware
KEV Status: Not in KEV Catalog: No known exploits
Vulnerable Methods: net/minidev/json/parser/JSONParserByteArray.indexOf(CI)I
JVMVulnerable params: 1
Affected Ecosystems: affected
Source: National Vulnerability Database
References: GitHub · Issue #10PROJECT
GitHub · PR #11PROJECT
GitHub · Issue #67PROJECT
GitHub · PR #68PROJECT

CVE-2021-31684 Security Details

CVE ID: CVE-2021-31684
CWE: CWE-787
CVE Description: A vulnerability was discovered in the indexOf function of JSONParserByteArray in JSON Smart versions 1.3 and 2.4 which causes a denial of service (DOS) via a crafted web request.
Published: Jun 2, 2021
CVSS Score & Severity: 7.5High
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score: 0.108%
Malware: malware
KEV Status: Not in KEV Catalog: No known exploits
Vulnerable Methods: net/minidev/json/parser/JSONParserByteArray.indexOf(CI)I
JVMVulnerable params: 1
Affected Ecosystems: affected
Source: National Vulnerability Database
References: GitHub · Issue #10PROJECT
GitHub · PR #11PROJECT
GitHub · Issue #67PROJECT
GitHub · PR #68PROJECT

Find vulnerabilities. Fix fast with AI.

CVE-2021-31684

CVE-2021-31684 Security Details

CVE-2021-31684 Security Details