Lucene search
+L

4 matches found

Cvelist
Cvelist
added 2021/05/05 7:7 p.m.33 views

CVE-2021-31409 Server session is not invalidated when logout() helper method of Authentication module is used in Vaadin 18-19

Unsafe validation RegEx in EmailValidator component in com.vaadin:vaadin-compatibility-server versions 8.0.0 through 8.12.4 Vaadin versions 8.0.0 through 8.12.4 allows attackers to cause uncontrolled resource consumption by submitting malicious email addresses...

7.5CVSS7.6AI score0.01672EPSS
Exploits0References3
CVE
CVE
added 2021/05/05 7:7 p.m.210 views

CVE-2021-31409

The CVE-2021-31409 entry concerns Vaadin’s EmailValidator in the com.vaadin:vaadin-compatibility-server module (versions 8.0.0–8.12.4). A RegEx-based input validation flaw can lead to uncontrolled resource consumption (DoS) when processing malicious email addresses. The referenced advisories and ...

7.5CVSS7.3AI score0.01672EPSS
Exploits0References3Affected Software1
vulnersOsv
vulnersOsv
added 2021/05/04 5:42 p.m.8 views

com.github.mvysny.karibudsl:karibu-dsl-v8compat7 (>=1.0.0 <=1.0.6), com.vaadin:vaadin-compatibility-client (>=8.0.0 <=8.12.4) +24 more potentially affected by CVE-2021-31409 via com.vaadin:vaadin-compatibility-server (>=8.0.0 <=8.12.4)

com.vaadin:vaadin-compatibility-server MAVEN version =8.0.0, =1.0.0, =8.0.0, =8.0.0, =7.3.0, =7.1.0, =7.1.0, =7.1.0, =7.1.0, =7.1.0, =7.1.0, =2.0.0, =0.8.2, =1.2.0, =1.3.0-rc01 and more Source cves: CVE-2021-31409 Source advisory: OSV:GHSA-C332-W4JM-55WV...

7.5CVSS7.1AI score0.01672EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2021/04/30 8:17 a.m.3 views

CVE-2021-31409

Unsafe validation RegEx in EmailValidator component in com.vaadin:vaadin-compatibility-server versions 8.0.0 through 8.12.4 Vaadin versions 8.0.0 through 8.12.4 allows attackers to cause uncontrolled resource consumption by submitting malicious email addresses...

7.5CVSS7AI score0.01672EPSS
Exploits0References4Affected Software2
Rows per page
Query Builder