DoS (Denial of Service) net.minidev:json-smart Dependency in Jira Service Management Data Center and Server

This High severity net.minidev:json-smart Dependency vulnerability was introduced in versions 5.12.4, 5.13.0, 5.14.0, 5.15.2, 5.16.0, 5.17.0, 10.0.0, 10.1.1, 10.2.0, 10.3.0, 10.4.0, and 10.5.0 of Jira Service Management Data Center and Server. This net.minidev:json-smart Dependency vulnerability,...

Denial Of Service (DoS)

net.minidev, json-smart is vulnerable to Denial Of Service DoS. The vulnerability exists because there is no nested depth checks for deeply nested JSON arrays or objects, which allows an attacker to crash the application via a malicious array with deeply nested elements...

ai.catboost:catboost-spark_3.1_2.12 (>=1.0.1 <=1.2.8), ai.chronon:aggregator_2.12 (>=0.0.25 <=def544ccef5f753238ecc4adfc2eaa7d2fc36d53-0.0.91) +9362 more potentially affected by CVE-2021-27568 via net.minidev:json-smart (>=2.1.0 <=2.3)

net.minidev:json-smart MAVEN version =2.1.0, =1.0.1, =0.0.25, =0.0.25, =0.0.62, =0.0.25, =0.0.86, =0.0.8, =0.0.6, =0.0.2, =3.22.0.1, =3.22.0.1, =3.22.0.1, =2.1.42, =3.34.0.3-1-3.1, =3.46.0.6-1-3.1 and more Source cves: CVE-2021-27568 Source advisory: OSV:GHSA-V528-7HRM-FRQP...