18 matches found
Atlassian Jira Service Management Data Center and Server 5.12.29 < 10.3.17 / 10.4.x < 11.3.3 (JSDSERVER-16510)
The version of Atlassian Jira Service Management Data Center and Server Jira Service Desk running on the remote host is affected by a vulnerability as referenced in the JSDSERVER-16510 advisory. - A security issue was found in Netplex Json-smart 2.5.0 through 2.5.1. When loading a specially craft...
RHEL 8 : Red Hat Product OCP Tools 4.12 OpenShift Jenkins (RHSA-2025:10118)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:10118 advisory. Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by...
RHEL 9 : Red Hat Product OCP Tools 4.16 OpenShift Jenkins (RHSA-2025:10098)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:10098 advisory. Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by...
Atlassian Confluence 7.19.x < 8.5.22 / 8.6.x < 9.2.4 / 9.3.x < 9.4.1 (CONFSERVER-99835)
The version of Atlassian Confluence Server running on the remote host is affected by a vulnerability as referenced in the CONFSERVER-99835 advisory. - A security issue was found in Netplex Json-smart 2.5.0 through 2.5.1. When loading a specially crafted JSON input, containing a large number of ''...
Security Bulletin: A security issue was found in Netplex Json-smart 2.5.0 through 2.5.1, affects watsonx.data
Summary A security issue was found in Netplex Json-smart 2.5.0 through 2.5.1. When loading a specially crafted JSON input, containing a large number of '', a stack exhaustion can be trigger, which could allow an attacker to cause a Denial of Service DoS and this could affect watsonx.data...
Security Bulletin: IBM App Connect Enterprise is vulnerable to a denial of service due to json-smart (CVE-2024-57699)
Summary The Transformation Advisor tool in IBM App Connect Enterprise is vulnerable to a denial of service due to json-smart. Vulnerability Details CVEID:CVE-2024-57699 DESCRIPTION: A security issue was found in Netplex Json-smart 2.5.0 through 2.5.1. When loading a specially crafted JSON input,...
Security Bulletin: IBM Application Modernization Accelerator is vulnerable to a vulnerability found in Node.js
Summary There is a vulnerability in Node.js used by IBM Application Modernization Accelerator CVE-2024-57699. Vulnerability Details CVEID:CVE-2024-57699 DESCRIPTION: A security issue was found in Netplex Json-smart 2.5.0 through 2.5.1. When loading a specially crafted JSON input, containing a lar...
Linux Distros Unpatched Vulnerability : CVE-2024-57699
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A security issue was found in Netplex Json-smart 2.5.0 through 2.5.1. When loading a specially crafted JSON input, containing a large number of '', a stack...
CVE-2024-57699
A security issue was found in Netplex Json-smart 2.5.0 through 2.5.1. When loading a specially crafted JSON input, containing a large number of ’’, a stack exhaustion can be trigger, which could allow an attacker to cause a Denial of Service DoS. This issue exists because of an incomplete fix for...
ai.ancf.lmos:arc-runner (>=0.1.1 <=0.120.0), ai.bizone:json-transform (>=1.0.0 <=1.16.0) +5216 more potentially affected by CVE-2023-1370 +1 more via net.minidev:json-smart (>=2.5.0 <=2.5.1)
net.minidev:json-smart MAVEN version =2.5.0, =0.1.1, =1.0.0, =0.6.0, =0.5.0, =0.7.0, =3.10.0.5, =0.5.0, =0.1.0, =1.5.3.RELEASE, =1.5.4.RELEASE, =1.5.4.RELEASE, =2.0.0, =1.3.3, =1.4.0 and more Source cves: CVE-2023-1370, CVE-2024-57699 Source advisory: OSV:GHSA-PQ2G-WX69-C263...
CVE-2024-57699
creationtimestamp| type| source ---|---|--- 2025-02-05 22:17:20+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lhhlymxzbi2f 2025-02-06 01:50:52+00:00| seen| https://t.me/cvedetector/17343 2025-06-20 18:30:05+00:00| seen| https://t.me/truesecator/7151 2026-01-21...
CVE-2024-57699
A security issue was found in Netplex Json-smart 2.5.0 through 2.5.1. When loading a specially crafted JSON input, containing a large number of ’’, a stack exhaustion can be trigger, which could allow an attacker to cause a Denial of Service DoS. This issue exists because of an incomplete fix for...
CVE-2024-57699
A security issue was found in Netplex Json-smart 2.5.0 through 2.5.1. When loading a specially crafted JSON input, containing a large number of ’’, a stack exhaustion can be trigger, which could allow an attacker to cause a Denial of Service DoS. This issue exists because of an incomplete fix for...
CVE-2024-57699 vulnerabilities
Vulnerabilities for packages: apache-nifi, opensearch, apicurio-registry, dependency-track, akhq, trino...
CVE-2024-57699
Netplex Json-smart 2.5.0–2.5.1 is affected: parsing deeply nested JSON inputs can cause stack exhaustion (DoS) due to unbounded nesting in recursive parsing, tied to an incomplete fix for CVE-2023-1370. The impact is denial of service; exploitation details, exploit status, and a specific remediat...
CVE-2024-57699
A security issue was found in Netplex Json-smart 2.5.0 through 2.5.1. When loading a specially crafted JSON input, containing a large number of ’’, a stack exhaustion can be trigger, which could allow an attacker to cause a Denial of Service DoS. This issue exists because of an incomplete fix for...
CVE-2024-57699
A security issue was found in Netplex Json-smart 2.5.0 through 2.5.1. When loading a specially crafted JSON input, containing a large number of ’’, a stack exhaustion can be trigger, which could allow an attacker to cause a Denial of Service DoS. This issue exists because of an incomplete fix for...
CVE-2024-57699
A security issue was found in Netplex Json-smart 2.5.0 through 2.5.1. When loading a specially crafted JSON input, containing a large number of ’’, a stack exhaustion can be trigger, which could allow an attacker to cause a Denial of Service DoS. This issue exists because of an incomplete fix for...