CVE-2021-31405

Unsafe validation RegEx in EmailField component in com.vaadin:vaadin-text-field-flow versions 2.0.4 through 2.3.2 (Vaadin 14.0.6 through 14.4.3), and 3.0.0 through 4.0.2 (Vaadin 15.0.0 through 17.0.10) allows attackers to cause uncontrolled resource consumption by submitting malicious email addresses.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:vaadin:flow:*:*:*:*:*:*:*:*
cpe:2.3:a:vaadin:flow:*:*:*:*:*:*:*:*
cpe:2.3:a:vaadin:vaadin:*:*:*:*:*:*:*:*
cpe:2.3:a:vaadin:vaadin:*:*:*:*:*:*:*:*

History

21 Nov 2024, 06:05

Type Values Removed Values Added
References () https://github.com/vaadin/flow-components/pull/442 - Patch, Third Party Advisory () https://github.com/vaadin/flow-components/pull/442 - Patch, Third Party Advisory
References () https://vaadin.com/security/cve-2021-31405 - Vendor Advisory () https://vaadin.com/security/cve-2021-31405 - Vendor Advisory

Information

Published : 2021-04-23 16:15

Updated : 2024-11-21 06:05


NVD link : CVE-2021-31405

Mitre link : CVE-2021-31405

CVE.ORG link : CVE-2021-31405


JSON object : View

Products Affected

vaadin

  • flow
  • vaadin
CWE
CWE-400

Uncontrolled Resource Consumption