Description
OWASP json-sanitizer before 1.2.2 can output invalid JSON or throw an undeclared exception for crafted input. This may lead to denial of service if the application is not prepared to handle these situations.
Remediation
References
https://groups.google.com/g/json-sanitizer-support/c/dAW1AeNMoA0
https://github.com/OWASP/json-sanitizer/compare/v1.2.1...v1.2.2
https://github.com/OWASP/json-sanitizer/commit/a37f594f7378a1c76b3283e0dab9e1ab1dc0247e
Related Vulnerabilities
CVE-2022-31147 Vulnerability in npm package jquery-validation
CVE-2020-7656 Vulnerability in maven package org.webjars.bowergithub.jquery:jquery
CVE-2019-18213 Vulnerability in maven package org.lsp4xml:lsp4xml-extensions
CVE-2022-24429 Vulnerability in npm package convert-svg-core
CVE-2021-21318 Vulnerability in maven package org.opencastproject:opencast-search-service-impl