[NPM:GHSA-PW54-MH39-W3HC] Regular expression denial of service in npm-user-validate
Severity
High
Affected Packages
1
Fixed Packages
1
CVEs
1
This affects the package npm-user-validate before 1.0.1. The regex that validates user emails took exponentially longer to process long input strings beginning with @ characters.
Package | Affected Version |
---|---|
pkg:npm/npm-user-validate | < 1.0.1 |
Package | Fixed Version |
---|---|
pkg:npm/npm-user-validate | = 1.0.1 |
- ID
- NPM:GHSA-PW54-MH39-W3HC
- Severity
- high
- URL
- https://github.com/advisories/GHSA-pw54-mh39-w3hc
- Published
-
2021-05-10T19:08:15
(3 years ago) - Modified
-
2023-02-01T05:05:28
(19 months ago) - Rights
- NPM Security Team
- Other Advisories
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:npm/npm-user-validate | npm-user-validate | < 1.0.1 | ||||
Fixed | pkg:npm/npm-user-validate | npm-user-validate | = 1.0.1 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |