CVE-2021-27568
23.02.2021, 02:15
An issue was discovered in netplex json-smart-v1 through 2015-10-23 and json-smart-v2 through 2.4. An exception is thrown from a function, but it is not caught, as demonstrated by NumberFormatException. When it is not caught, it may cause programs using the library to crash or expose sensitive information.Enginsight
| Vendor | Product | Version |
|---|---|---|
| json-smart_project | json-smart-v1 | 𝑥 < 1.3.2 |
| json-smart_project | json-smart-v2 | 𝑥 < 2.3.1 |
| json-smart_project | json-smart-v2 | 2.4 ≤ 𝑥 < 2.4.1 |
| oracle | communications_cloud_native_core_policy | 1.14.0 |
| oracle | oss_support_tools | 𝑥 < 2.12.42 |
| oracle | peoplesoft_enterprise_peopletools | 8.58 |
| oracle | peoplesoft_enterprise_peopletools | 8.59 |
| oracle | utilities_framework | 4.4.0.0.0 |
| oracle | utilities_framework | 4.4.0.2.0 |
| oracle | utilities_framework | 4.4.0.3.0 |
| oracle | weblogic_server | 12.2.1.3.0 |
| oracle | weblogic_server | 12.2.1.4.0 |
| oracle | weblogic_server | 14.1.1.0.0 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References