CVE-2021-27568
published 2021-02-23CVE-2021-27568: An issue was discovered in netplex json-smart-v1 through 2015-10-23 and json-smart-v2 through 2.4. An exception is thrown from a function, but it is not…
medium5.9CVSS 3.1
AVNACHPRNUINSUCNINAH
An issue was discovered in netplex json-smart-v1 through 2015-10-23 and json-smart-v2 through 2.4. An exception is thrown from a function, but it is not caught, as demonstrated by NumberFormatException. When it is not caught, it may cause programs using the library to crash or expose sensitive information.
Affected
13 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| json-smart_project | json-smart-v1 | < 1.3.2 | 1.3.2 |
| json-smart_project | json-smart-v2 | < 2.3.1 | 2.3.1 |
| json-smart_project | json-smart-v2 | >= 2.4 < 2.4.1 | 2.4.1 |
| oracle | communications_cloud_native_core_policy | — | — |
| oracle | oss_support_tools | < 2.12.42 | 2.12.42 |
| oracle | peoplesoft_enterprise_peopletools | — | — |
| oracle | peoplesoft_enterprise_peopletools | — | — |
| oracle | utilities_framework | — | — |
| oracle | utilities_framework | — | — |
| oracle | utilities_framework | — | — |
| oracle | weblogic_server | — | — |
| oracle | weblogic_server | — | — |
| oracle | weblogic_server | — | — |