4 matches found
Zod denial of service vulnerability during email validation
Impact API servers running express-zod-api having: - version of express-zod-api below 10.0.0-beta1, - and using the following or similar validation schema in its implementation: z.string.email, are vulnerable to a DoS attack due to: - Inefficient Regular Expression Complexity in zod versions up t...
CVE-2023-4316
Zod in versions 3.21.0 up to and including 3.22.3 allows an attacker to perform a denial of service while validating emails...
CVE-2023-4316 Zod 3.22.2 - Regular expression Denial of Service
Zod in versions 3.21.0 up to and including 3.22.3 allows an attacker to perform a denial of service while validating emails...
CVE-2023-4316
CVE-2023-4316 affects Zod versions 3.21.0 through 3.22.3, enabling denial-of-service when validating emails due to inefficient regex handling. Affected software: Zod (JavaScript/TypeScript). Root cause: regex-based email validation can be exploited to exhaust resources. Impact: DoS during email v...