Description
OWASP json-sanitizer before 1.2.2 can output invalid JSON or throw an undeclared exception for crafted input. This may lead to denial of service if the application is not prepared to handle these situations.
Remediation
References
https://github.com/OWASP/json-sanitizer/commit/a37f594f7378a1c76b3283e0dab9e1ab1dc0247e
https://github.com/OWASP/json-sanitizer/compare/v1.2.1...v1.2.2
https://groups.google.com/g/json-sanitizer-support/c/dAW1AeNMoA0
Related Vulnerabilities
CVE-2022-35916 Vulnerability in npm package @openzeppelin/contracts
CVE-2023-26480 Vulnerability in maven package org.xwiki.platform:xwiki-platform-livedata-macro
CVE-2020-36186 Vulnerability in maven package com.fasterxml.jackson.core:jackson-databind
CVE-2022-42467 Vulnerability in maven package org.apache.isis.core:isis-core-config