Segment is-email Package: Regular Expression Denial of Service (ReDoS) Vulnerability
CVE-2021-36716 · HIGH Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
A ReDoS (regular expression denial of service) flaw was found in the Segment is-email package before 1.0.1 for Node.js. An attacker that is able to provide crafted input to the isEmail(input) function may cause an application to consume an excessive amount of CPU.
Learn more about our Web Application Penetration Testing UK.