CVE-2021-23900
First published: Wed Jan 13 2021(Updated: )
OWASP json-sanitizer before 1.2.2 can output invalid JSON or throw an undeclared exception for crafted input. This may lead to denial of service if the application is not prepared to handle these situations.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| OWASP Java HTML Sanitizer | <1.2.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for the OWASP json-sanitizer issue?
The vulnerability ID is CVE-2021-23900.
What is the severity of CVE-2021-23900?
The severity of CVE-2021-23900 is high with a severity value of 7.5.
What is the affected software for CVE-2021-23900?
The affected software for CVE-2021-23900 is OWASP json-sanitizer before version 1.2.2.
What are the potential consequences of CVE-2021-23900?
The potential consequences of CVE-2021-23900 include outputting invalid JSON or throwing undeclared exceptions for crafted input, which may lead to denial of service if the application is not prepared to handle these situations.
How can I fix CVE-2021-23900?
To fix CVE-2021-23900, update OWASP json-sanitizer to version 1.2.2 or later.
- agent/type
- agent/softwarecombine
- agent/remedy
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/references
- agent/last-modified-date
- agent/author
- agent/description
- agent/event
- agent/first-publish-date
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/owasp
- canonical/owasp java html sanitizer