4 matches found
Design/Logic Flaw
Unsafe validation RegEx in EmailField component in com.vaadin:vaadin-text-field-flow versions 2.0.4 through 2.3.2 Vaadin 14.0.6 through 14.4.3, and 3.0.0 through 4.0.2 Vaadin 15.0.0 through 17.0.10 allows attackers to cause uncontrolled resource consumption by submitting malicious email addresses...
CVE-2021-31405
The CVE pertains to Vaadin text-field-flow’s EmailField regex validation, which allows a ReDoS-style resource exhaustion by submitting malicious email addresses. Affected are vaadin-text-field-flow versions 2.0.4–2.3.2 (Vaadin 14.0.6–14.4.3) and 3.0.0–4.0.2 (Vaadin 15.0.0–17.0.10). The root cause...
Vaadin flow 资源管理错误漏洞
Vaadin flow is an application. vaadin platform Java framework for building modern websites that look good, perform well and delight you and your users. vaadin: vaadin-text-field-flow versions 2.0.4 through 2.3.2 are vulnerable to resource management errors, which can be exploited by attackers to ...
Regular Expression Denial Of Service (ReDoS)
vaadin-text-field-flow is vulnerable to regular expression denial of service. Unsafe validation RegEx in EmailField allows an attacker to cause excessive CPU usage which could lead to a denial of service condition...