Regular Expression Denial Of Service (ReDoS)

regexfn is vulnerable to regular expression denial of service. The vulnerability exists in isEmail function in index.js because the emails are not properly validated with sufficient regular expression complexity which allows an attacker to send crafted invalid emails causing a denial of service...

Denial Of Service (DoS)

is-email is vulnerable to denial of service. The isEmail function in the index.js does not properly check the email length, allowing an attacker to crash the application by providing a long-length email...

CVE-2021-36716

A ReDoS regular expression denial of service flaw was found in the Segment is-email package before 1.0.1 for Node.js. An attacker that is able to provide crafted input to the isEmailinput function may cause an application to consume an excessive amount of CPU...

Regular Expression Denial of Service (ReDoS)

Overview is-email is a Loosely validate an email address. Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS via the isEmail function. PoC: var isEmail = require"is-email" function buildblankn var ret = "" for var i = 0; i n; i++ ret += "@" return ret +...