CVE-2021-23900

high

Description

OWASP json-sanitizer before 1.2.2 can output invalid JSON or throw an undeclared exception for crafted input. This may lead to denial of service if the application is not prepared to handle these situations.

References

Advisories

https://groups.google.com/g/json-sanitizer-support/c/dAW1AeNMoA0

https://github.com/OWASP/json-sanitizer/compare/v1.2.1...v1.2.2

https://github.com/OWASP/json-sanitizer/commit/a37f594f7378a1c76b3283e0dab9e1ab1dc0247e

Details

Source: Mitre, NVD

Published: 2021-01-13

Updated: 2026-06-17

Risk Information

CVSS v2

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Severity: Medium

CVSS v3

Base Score: 7.5

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Severity: High

EPSS

EPSS: 0.00408

Detections

Analytics