CVE-2021-31684

Publication date 1 June 2021

Last updated 25 August 2025

Ubuntu priority

Medium

Why this priority?

Cvss 3 Severity Score

7.5 · High

Score breakdown

Description

A vulnerability was discovered in the indexOf function of JSONParserByteArray in JSON Smart versions 1.3 and 2.4 which causes a denial of service (DOS) via a crafted web request.

Status

Package Ubuntu Release Status
json-smart 23.04 lunar
Fixed 2.2-2ubuntu1
22.10 kinetic
Fixed 2.2-2ubuntu0.22.10.1
22.04 LTS jammy
Fixed 2.2-2ubuntu0.22.04.1
21.10 impish Ignored end of life
21.04 hirsute Ignored end of life
20.10 groovy Ignored end of life
20.04 LTS focal
Fixed 2.2-2ubuntu0.20.04.1
18.04 LTS bionic
Fixed 2.2-2ubuntu0.18.04.1
16.04 LTS xenial Ignored end of standard support
14.04 LTS trusty Not in release

Severity score breakdown

CVSS version: CVSS v3.0

Base score 7.5 · High

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References

Related Ubuntu Security Notices (USN)

    • USN-6011-1
    • Json-smart vulnerabilities
    • 12 April 2023

Other references

Access our resources on patching vulnerabilities