An issue in the validate_email function in CTFd/utils/validators/__init__.py of CTFd 3.7.3 allows attackers to cause a Regular expression Denial of Service (ReDoS) via supplying a crafted string as e-mail address during registration.
Metrics
Affected Vendors & Products
References
History
Tue, 07 Jan 2025 21:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-1333 | |
Metrics |
cvssV3_1
|
Tue, 07 Jan 2025 15:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | An issue in the validate_email function in CTFd/utils/validators/__init__.py of CTFd 3.7.3 allows attackers to cause a Regular expression Denial of Service (ReDoS) via supplying a crafted string as e-mail address during registration. | |
References |
|

Status: PUBLISHED
Assigner: mitre
Published: 2025-01-07T00:00:00
Updated: 2025-01-07T20:21:09.804Z
Reserved: 2024-09-11T00:00:00
Link: CVE-2024-46242

Updated: 2025-01-07T20:18:55.390Z

Status : Received
Published: 2025-01-07T16:15:33.950
Modified: 2025-01-07T21:15:11.783
Link: CVE-2024-46242

No data.