Unsafe validation RegEx in EmailValidator component in com.vaadin:vaadin-compatibility-server versions 8.0.0 through 8.12.4 (Vaadin versions 8.0.0 through 8.12.4) allows attackers to cause uncontrolled resource consumption by submitting malicious email addresses.
References
Link | Resource |
---|---|
https://github.com/vaadin/framework/pull/12241 | Patch Third Party Advisory |
https://github.com/vaadin/framework/issues/12240 | Patch Third Party Advisory |
https://vaadin.com/security/cve-2021-31409 | Vendor Advisory |
Configurations
Information
Published : 2021-05-06 06:15
Updated : 2021-05-13 12:24
NVD link : CVE-2021-31409
Mitre link : CVE-2021-31409
JSON object : View
CWE
CWE-400
Uncontrolled Resource Consumption
Products Affected
vaadin
- vaadin