3 matches found
CVE-2021-23900
OWASP json-sanitizer before 1.2.2 can output invalid JSON or throw an undeclared exception for crafted input. This may lead to denial of service if the application is not prepared to handle these situations...
com.github.promregator:promregator (>=0.6.3 <=0.9.0-rc1), com.lancethomps:lava (>=1.0.0 <=1.12.0) +160 more potentially affected by CVE-2021-23900 via com.mikesamuel:json-sanitizer (>=1.2.0 <=1.2.1)
com.mikesamuel:json-sanitizer MAVEN version =1.2.0, =0.6.3, =1.0.0, =1.0.0, =1.1.0, =1.1.0, =1.8.1, =1.0.0, =1.0.0, =1.0.0, =1.1.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.2.0 and more Source cves: CVE-2021-23900 Source advisory: OSV:GHSA-8RF5-92JH-3VC9...
CVE-2021-23900
The CVE-2021-23900 entry concerns OWASP json-sanitizer before 1.2.2, where crafted input can cause invalid JSON output or an undeclared exception, potentially leading to DoS. Connected sources (Red Hat, GHSA, OSV, CNVD, CVE listings) confirm the same core issue affecting json-sanitizer prior to 1...