Description

An issue was discovered in netplex json-smart-v1 through 2015-10-23 and json-smart-v2 through 2.4. An exception is thrown from a function, but it is not caught, as demonstrated by NumberFormatException. When it is not caught, it may cause programs using the library to crash or expose sensitive information.

Remediation

References

CVE-2021-27568

Related Vulnerabilities

WordPress Plugin PHP Event Calendar for WordPress Arbitrary File Upload (1.6)

WordPress Plugin VaultPress Remote Code Execution (1.9.0)

CubeCart Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2010-4903)

WordPress Plugin Newsletter Manager Multiple Cross-Site Scripting Vulnerabilities (1.0.1)

Atlassian Jira Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-2928)

Severity

Medium

Classification

CVE-2021-27568 CWE-754 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Tags

Missing Update Known Vulnerabilities