Описание
JGraphT Core v1.5.2 was discovered to contain a NullPointerException via the component org.jgrapht.alg.util.ToleranceDoubleComparator::compare(Double, Double). NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a vulnerability. The submission may have been based on a tool that is not sufficiently robust for vulnerability identification.
A flaw was found in the JGraphT Core. The affected version of this package contains a Null Pointer Exception via the org.jgrapht.alg.util.ToleranceDoubleComparator::compare component.
Отчет
The Null Pointer Exception in the ToleranceDoubleComparator::compare method of the JGraphT Core library is classified as a moderate severity issue due to its potential to disrupt application stability under certain conditions. This flaw can cause runtime exceptions when null values are encountered during the comparison process, leading to abrupt termination of algorithms that rely on this comparator. While it does not pose a security risk or lead to data corruption, it affects the reliability and robustness of graph-related operations, especially in environments where null inputs might be prevalent.
Меры по смягчению последствий
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Migration Toolkit for Applications 6 | jgrapht-core | Not affected | ||
| Migration Toolkit for Runtimes | jgrapht-core | Not affected | ||
| Red Hat Process Automation 7 | jgrapht-core | Will not fix |
Показывать по
Дополнительная информация
Статус:
5.5 Medium
CVSS3
Связанные уязвимости
JGraphT Core v1.5.2 was discovered to contain a NullPointerException via the component org.jgrapht.alg.util.ToleranceDoubleComparator::compare(Double, Double). NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a vulnerability. The submission may have been based on a tool that is not sufficiently robust for vulnerability identification.
JGraphT Core v1.5.2 was discovered to contain a NullPointerException via the component org.jgrapht.alg.util.ToleranceDoubleComparator::compare(Double, Double). NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a vulnerability. The submission may have been based on a tool that is not sufficiently robust for vulnerability identification.
JGraphT Core v1.5.2 was discovered to contain a NullPointerException via the component org.jgrapht.alg.util.ToleranceDoubleComparator::compare(Double, Double).
5.5 Medium
CVSS3