CVE-2021-27568
Improper Check for Unusual or Exceptional Conditions in json-smart
5.9
MEDIUM
CVSS 3.1
EPSS 0.70%
Description
An issue was discovered in netplex json-smart-v1 through 2015-10-23 and json-smart-v2 through 2.4. An exception is thrown from a function, but it is not caught, as demonstrated by NumberFormatException. When it is not caught, it may cause programs using the library to crash or expose sensitive information.
How to fix CVE-2021-27568
To remediate CVE-2021-27568, upgrade the affected package to a fixed version below.
- —upgrade to 1.3.2 or later
- —upgrade to 1.3.2 or later
Is CVE-2021-27568 being exploited?
Low — EPSS is 0.7%, meaning exploitation activity has not been observed at scale.
Affected packages (2)
- from 0, < 1.3.2
- from 0, < 1.3.2
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | MEDIUM5.9 | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H |