Unsafe validation RegEx in EmailField component in com.vaadin:vaadin-text-field-flow versions 2.0.4 through 2.3.2 (Vaadin 14.0.6 through 14.4.3), and 3.0.0 through 4.0.2 (Vaadin 15.0.0 through 17.0.10) allows attackers to cause uncontrolled resource consumption by submitting malicious email addresses.
References
Link | Resource |
---|---|
https://github.com/vaadin/flow-components/pull/442 | Patch Third Party Advisory |
https://vaadin.com/security/cve-2021-31405 | Vendor Advisory |
https://github.com/vaadin/flow-components/pull/442 | Patch Third Party Advisory |
https://vaadin.com/security/cve-2021-31405 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 06:05
Type | Values Removed | Values Added |
---|---|---|
References | () https://github.com/vaadin/flow-components/pull/442 - Patch, Third Party Advisory | |
References | () https://vaadin.com/security/cve-2021-31405 - Vendor Advisory |
Information
Published : 2021-04-23 16:15
Updated : 2024-11-21 06:05
NVD link : CVE-2021-31405
Mitre link : CVE-2021-31405
CVE.ORG link : CVE-2021-31405
JSON object : View
Products Affected
vaadin
- flow
- vaadin
CWE
CWE-400
Uncontrolled Resource Consumption