High severity7.5NVD Advisory· Published Feb 5, 2025· Updated Apr 15, 2026
CVE-2024-57699
CVE-2024-57699
Description
A security issue was found in Netplex Json-smart 2.5.0 through 2.5.1. When loading a specially crafted JSON input, containing a large number of ’{’, a stack exhaustion can be trigger, which could allow an attacker to cause a Denial of Service (DoS). This issue exists because of an incomplete fix for CVE-2023-1370.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
net.minidev:json-smartMaven | >= 2.5.0, < 2.5.2 | 2.5.2 |
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
8- github.com/advisories/GHSA-pq2g-wx69-c263ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2024-57699ghsaADVISORY
- nvd.nist.gov/vuln/detail/cve-2023-1370nvdADVISORY
- github.com/TurtleLiu/Vul_PoC/tree/main/CVE-2024-57699nvdWEB
- github.com/netplex/json-smart-v2/issues/232ghsaWEB
- github.com/netplex/json-smart-v2/issues/233ghsaWEB
- github.com/netplex/json-smart-v2/issues/236ghsaWEB
- github.com/netplex/json-smart-v2/releases/tag/2.5.2ghsaWEB
News mentions
0No linked articles in our index yet.