CVE-2021-27568

🗓️ 23 Feb 2021 01:32:14Reported by mitreType

cve🔗 web.nvd.nist.gov📰️ 10 Media mentions👁 396 Views

An issue in netplex json-smart-v1 & v2 causes uncaught exception, leading to potential crashes or data exposure

Reporter	Title	Published	Views	Family All 48
IBM Security Bulletins	Security Bulletin: Multiple Security Vulnerabilities may affect IBM Robotic Process Automation for Cloud Pak.	6 Jan 202321:23	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in Apache JSON Small and Fast Parser (json-smart) and Underscore affect IBM Spectrum Symphony	6 Jul 202108:20	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in CloudPak for Watson AIOPs	27 Apr 202310:23	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Disconnected Log Collector is vulnerable to using components with known vulnerabilities	16 Jun 202221:33	–	ibm
IBM Security Bulletins	Security Bulletin: IBM® Engineering Requirements Management DOORS/DWA vulnerabilities addressed in 9.7.2.8	18 Oct 202407:56	–	ibm
IBM Security Bulletins	Security Bulletin: An issue was discovered in netplex json-smart which affects IBM Engineering Lifecycle Optimization - Publishing	11 Oct 202305:53	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Cognos Analytics has addressed multiple vulnerabilities	22 Jun 202215:20	–	ibm
IBM Security Bulletins	Security Bulletin: CVE-2021-27568 An issue was discovered in netplex json-smart-v1, an exception is thrown from a function	30 Jul 202105:02	–	ibm
IBM Security Bulletins	Security Bulletin: IBM® Engineering Requirements Management DOORS/DWA vulnerabilities fixed in 9.7.2.7	24 Oct 202411:46	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Security Vulnerabilities Have been addressed in IBM Security Access Manager	15 Oct 202120:24	–	ibm

NVD

Node

json-smart_project json-smart-v1Range<1.3.2

json-smart_project json-smart-v2Range<2.3.1

json-smart_project json-smart-v2Range2.4–2.4.1

Node

oracle communications_cloud_native_core_policyMatch1.14.0

oracle oss_support_toolsRange<2.12.42

oracle peoplesoft_enterprise_peopletoolsMatch8.58

oracle peoplesoft_enterprise_peopletoolsMatch8.59

oracle utilities_frameworkMatch4.4.0.0.0

oracle utilities_frameworkMatch4.4.0.2.0

oracle utilities_frameworkMatch4.4.0.3.0

oracle weblogic_serverMatch12.2.1.3.0

oracle weblogic_serverMatch12.2.1.4.0

oracle weblogic_serverMatch14.1.1.0.0

Source	Link
oracle	www.oracle.com//security-alerts/cpujul2021.html
lists	www.lists.apache.org/thread.html/re237267da268c690df5e1c6ea6a38a7fc11617725e8049490f58a6fa%40%3Ccommits.druid.apache.org%3E
github	www.github.com/netplex/json-smart-v1/issues/7
github	www.github.com/netplex/json-smart-v2/issues/60
lists	www.lists.apache.org/thread.html/rb6287f5aa628c8d9af52b5401ec6cc51b6fc28ab20d318943453e396%40%3Ccommits.druid.apache.org%3E
oracle	www.oracle.com/security-alerts/cpujan2022.html
lists	www.lists.apache.org/thread.html/rf70210b4d63191c0bfb2a0d5745e104484e71703bf5ad9cb01c980c6%40%3Ccommits.druid.apache.org%3E
oracle	www.oracle.com/security-alerts/cpuapr2022.html

21 Nov 2024 05:58Current

6Medium risk

Vulners AI Score6

CVSS 24.3

CVSS 3.15.9

EPSS0.00698

CWE-754