CVE-2021-27568

An issue was discovered in netplex json-smart-v1 through 2015-10-23 and json-smart-v2 through 2.4. An exception is thrown from a function, but it is not caught, as demonstrated by NumberFormatException. When it is not caught, it may cause programs using the library to crash or expose sensitive information.
References
Link Resource
https://github.com/netplex/json-smart-v2/issues/60 Exploit Third Party Advisory
https://github.com/netplex/json-smart-v1/issues/7 Exploit Third Party Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:json-smart_project:json-smart-v1:*:*:*:*:*:*:*:*
cpe:2.3:a:json-smart_project:json-smart-v2:*:*:*:*:*:*:*:*
cpe:2.3:a:json-smart_project:json-smart-v2:*:*:*:*:*:*:*:*

Information

Published : 2021-02-23 02:15

Updated : 2021-05-04 13:58


NVD link : CVE-2021-27568

Mitre link : CVE-2021-27568


JSON object : View

Products Affected

json-smart_project

  • json-smart-v1
  • json-smart-v2
CWE
CWE-754

Improper Check for Unusual or Exceptional Conditions