CVE-2021-31684

Published

Last updated

NVD

https://nvd.nist.gov/vuln/detail/CVE-2021-31684

Severity

7.5

High

CVSS CVSS_V3

Description

A vulnerability was discovered in the indexOf function of JSONParserByteArray in JSON Smart versions 1.3 and 2.4 which causes a denial of service (DOS) via a crafted web request.

References

https://images.chainguard.dev/security/CGA-pggr-9xq4-g3qh
https://github.com/advisories/GHSA-fg2v-w576-w4v3
https://images.chainguard.dev/security/CGA-7w55-8hf5-xvcp
https://images.chainguard.dev/security/CGA-9p9j-cx7m-ggvg
https://images.chainguard.dev/security/CGA-cmrm-pr6r-3j5c
https://images.chainguard.dev/security/CGA-jwxv-rq2f-pf4p
https://images.chainguard.dev/security/CGA-g972-4w58-jj5c
https://images.chainguard.dev/security/CGA-pm4j-36rg-wx67
https://images.chainguard.dev/security/CGA-m4jg-7m3f-64w3
https://images.chainguard.dev/security/CGA-mq52-vm58-4m9x
https://images.chainguard.dev/security/CGA-895x-8fhr-cfcr
https://github.com/netplex/json-smart-v1/issues/10
https://github.com/netplex/json-smart-v1/pull/11
https://github.com/netplex/json-smart-v2/issues/67
https://github.com/netplex/json-smart-v2/pull/68
https://security.netapp.com/advisory/ntap-20240621-0006/
https://www.oracle.com/security-alerts/cpujan2022.html
https://lists.debian.org/debian-lts-announce/2023/03/msg00030.html
https://www.oracle.com/security-alerts/cpujul2022.html
https://security-tracker.debian.org/tracker/CVE-2021-31684

Affected packages

Advisories are based on vulnerability information provided by Grype from Anchore. Learn how Chainguard creates security advisories.

Safe Source for Open Source™

Private Policy

CVE-2021-31684

Severity

Description

References

Affected packages

Products

Why Chainguard

Customers

Company

Resources