CVE-2021-31684
published 2021-06-01CVE-2021-31684: A vulnerability was discovered in the indexOf function of JSONParserByteArray in JSON Smart versions 1.3 and 2.4 which causes a denial of service (DOS) via a…
high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
A vulnerability was discovered in the indexOf function of JSONParserByteArray in JSON Smart versions 1.3 and 2.4 which causes a denial of service (DOS) via a crafted web request.
Affected
14 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| atlassian | confluence_data_center | — | — |
| debian | json-smart | < json-smart 2.2-2+deb12u1 (bookworm) | json-smart 2.2-2+deb12u1 (bookworm) |
| json-smart | json-smart | >= 0 < 2.2-2+deb11u1 | 2.2-2+deb11u1 |
| json-smart | json-smart | >= 0 < 2.2-2+deb12u1 | 2.2-2+deb12u1 |
| json-smart | json-smart | >= 0 < 2.5.1-1 | 2.5.1-1 |
| json-smart | json-smart | >= 0 < 2.5.1-1 | 2.5.1-1 |
| json-smart | json-smart | >= 0 < 2.2-2ubuntu0.18.04.1 | 2.2-2ubuntu0.18.04.1 |
| json-smart | json-smart | >= 0 < 2.2-2ubuntu0.20.04.1 | 2.2-2ubuntu0.20.04.1 |
| json-smart | json-smart | >= 0 < 2.2-2ubuntu0.22.04.1 | 2.2-2ubuntu0.22.04.1 |
| json-smart_project | json-smart-v1 | >= 1.3 < 1.3.3 | 1.3.3 |
| json-smart_project | json-smart-v2 | >= 2.4 < 2.4.4 | 2.4.4 |
| oracle | utilities_framework | — | — |
| oracle | utilities_framework | — | — |
| oracle | utilities_framework | — | — |
CVSS provenance
nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
osv7.5HIGH