mirror of
https://github.com/0xMarcio/cve.git
synced 2026-02-12 18:42:46 +00:00
1.4 KiB
1.4 KiB
CVE-2021-27568
Description
An issue was discovered in netplex json-smart-v1 through 2015-10-23 and json-smart-v2 through 2.4. An exception is thrown from a function, but it is not caught, as demonstrated by NumberFormatException. When it is not caught, it may cause programs using the library to crash or expose sensitive information.
POC
Reference
- https://www.oracle.com//security-alerts/cpujul2021.html
- https://www.oracle.com/security-alerts/cpuapr2022.html
- https://www.oracle.com/security-alerts/cpujan2022.html
Github
- https://github.com/CodeIntelligenceTesting/jazzer
- https://github.com/GanbaruTobi/CVEs_PoCs
- https://github.com/OpenLabSE/VulFinder
- https://github.com/TinkerBoard-Android/rockchip-android-external-jazzer-api
- https://github.com/VulFinder/VulFinder
- https://github.com/arsalanraja987/java-insecure-random-cve-2021-27568
- https://github.com/mosaic-hgw/jMeter
- https://github.com/msft-mirror-aosp/platform.external.jazzer-api
- https://github.com/netplex/json-smart-v2
- https://github.com/stuartwdouglasmidstream/github--netplex--json-smart-v2