CVE-2021-23900

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2021-23900

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-23900.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2021-23900

Aliases

GHSA-8rf5-92jh-3vc9

Published

2021-01-13T16:15:14Z

Modified

2024-05-15T01:10:39.054436Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

OWASP json-sanitizer before 1.2.2 can output invalid JSON or throw an undeclared exception for crafted input. This may lead to denial of service if the application is not prepared to handle these situations.

References

Affected packages

Git / github.com/owasp/json-sanitizer

Affected ranges

Type: GIT
Repo: https://github.com/owasp/json-sanitizer
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

a37f594f7378a1c76b3283e0dab9e1ab1dc0247e

Affected versions

json-sanitizer-1.*

json-sanitizer-1.0

json-sanitizer-1.1

release-1.*

release-1.2.0

v1.*

v1.2.1