Email Address Denial of Service Vulnerability in Vaadin-Compatibility-Server

Email Address Denial of Service Vulnerability in Vaadin-Compatibility-Server

CVE-2021-31409 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Unsafe validation RegEx in EmailValidator component in com.vaadin:vaadin-compatibility-server versions 8.0.0 through 8.12.4 (Vaadin versions 8.0.0 through 8.12.4) allows attackers to cause uncontrolled resource consumption by submitting malicious email addresses.

Learn more about our Cis Benchmark Audit For Server Software.