Lucene search
K

7 matches found

Github Security Blog
Github Security Blog
added 2021/05/10 7:8 p.m.48 views

Regular expression denial of service in @absolunet/kafe

This affects the package @absolunet/kafe before 3.2.10. It allows cause a denial of service when validating crafted invalid emails...

5.3CVSS5.3AI score0.01555EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2021/05/10 7:8 p.m.13 views

GHSA-HGPF-97C5-74FC Regular expression denial of service in @absolunet/kafe

This affects the package @absolunet/kafe before 3.2.10. It allows cause a denial of service when validating crafted invalid emails...

5.3CVSS5.2AI score0.01555EPSS
Exploits0References4
NVD
NVD
added 2020/11/05 11:15 a.m.18 views

CVE-2020-7761

This affects the package @absolunet/kafe before 3.2.10. It allows cause a denial of service when validating crafted invalid emails...

5.3CVSS5.2AI score0.01555EPSS
Exploits0References2
Prion
Prion
added 2020/11/05 11:15 a.m.20 views

Denial of service

This affects the package @absolunet/kafe before 3.2.10. It allows cause a denial of service when validating crafted invalid emails...

5CVSS5.2AI score0.01555EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2020/11/05 10:25 a.m.57 views

CVE-2020-7761

CVE-2020-7761 affects the package @absolunet/kafe prior to 3.2.10. The vulnerability is a Regular Expression Denial of Service (ReDoS) caused by an insecure regex used to validate crafted invalid emails, which can lead to Denial of Service. Public advisories (GHSA, OSV, NVD, Snyk, Veracode, CVE l...

5.3CVSS5.2AI score0.01555EPSS
Exploits0References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2020/11/05 12:0 a.m.32 views

Uncontrolled Resource Consumption

This affects the package @absolunet/kafe It allows cause a denial of service when validating crafted invalid emails...

5.3CVSS3.9AI score0.01555EPSS
Exploits0References1Affected Software1
Snyk
Snyk
added 2020/10/14 10:38 a.m.2 views

Regular Expression Denial of Service (ReDoS)

Overview @absolunet/kafe is a Javascript utility library. Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS. It allows cause a denial of service when validating crafted invalid emails. Details Denial of Service DoS describes a family of attacks, all...

5.3CVSS6.6AI score0.01555EPSS
Exploits0References2
Rows per page
Query Builder