Description
Unsafe validation RegEx in EmailValidator component in com.vaadin:vaadin-compatibility-server versions 8.0.0 through 8.12.4 (Vaadin versions 8.0.0 through 8.12.4) allows attackers to cause uncontrolled resource consumption by submitting malicious email addresses.
Analysis
No analysis available yet.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| Vaadin | Vaadin | affected |
|
||||||
| Vaadin | vaadin-compatibility-server | affected |
|
No data.
No data available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
 EUVD |
EUVD-2021-1033 | Unsafe validation RegEx in EmailValidator component in com.vaadin:vaadin-compatibility-server versions 8.0.0 through 8.12.4 (Vaadin versions 8.0.0 through 8.12.4) allows attackers to cause uncontrolled resource consumption by submitting malicious email addresses. |
 Github GHSA |
GHSA-c332-w4jm-55wv | Regular expression Denial of Service (ReDoS) in EmailValidator class in V7 compatibility module in Vaadin 8 |
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: Vaadin
Published:
Updated: 2024-09-17T04:24:18.976Z
Reserved: 2021-04-15T00:00:00.000Z
Link: CVE-2021-31409
Vulnrichment
No data.
NVD
Status : Modified
Published: 2021-05-06T13:15:12.633
Modified: 2024-11-21T06:05:36.690
Link: CVE-2021-31409
Redhat
No data.
OpenCVE Enrichment
No data.
Weaknesses