GHSA-pw54-mh39-w3hc

Опубликовано: 10 мая 2021

Источник: github

Github: Прошло ревью

CVSS3: 7.5

Описание

Regular expression denial of service in npm-user-validate

This affects the package npm-user-validate before 1.0.1. The regex that validates user emails took exponentially longer to process long input strings beginning with @ characters.

Ссылки

Пакеты

Наименование

npm-user-validate

npm

Затронутые версииВерсия исправления

< 1.0.1

1.0.1

EPSS

Процентиль: 81%

0.0163

Низкий

7.5 High

CVSS3

CVE ID

CVE-2020-7754

Дефекты

CWE-400

Связанные уязвимости

CVE-2020-7754

CVSS3: 7.5

redhat

почти 5 лет назад

This affects the package npm-user-validate before 1.0.1. The regex that validates user emails took exponentially longer to process long input strings beginning with @ characters.

CVE-2020-7754

CVSS3: 7.5

nvd

больше 4 лет назад

This affects the package npm-user-validate before 1.0.1. The regex that validates user emails took exponentially longer to process long input strings beginning with @ characters.