High severityNVD Advisory· Published Dec 27, 2022· Updated Apr 11, 2025
email-existence index.js redos
CVE-2018-25049
Description
A vulnerability was found in email-existence. It has been rated as problematic. Affected by this issue is some unknown functionality of the file index.js. The manipulation leads to inefficient regular expression complexity. The name of the patch is 0029ba71b6ad0d8ec0baa2ecc6256d038bdd9b56. It is recommended to apply a patch to fix this issue. VDB-216854 is the identifier assigned to this vulnerability.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
email-existencenpm | <= 0.1.6 | — |
Affected products
2- email-existence/email-existencedescription
Patches
Vulnerability mechanics
References
6- github.com/nmanousos/email-existence/commit/0029ba71b6ad0d8ec0baa2ecc6256d038bdd9b56ghsapatchWEB
- github.com/advisories/GHSA-p27h-4cpf-fw48ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2018-25049ghsaADVISORY
- github.com/nmanousos/email-existence/pull/37ghsaissue-trackingWEB
- vuldb.comghsasignaturepermissions-requiredWEB
- vuldb.comghsavdb-entryWEB
News mentions
0No linked articles in our index yet.