High severity · NVD Advisory · Published Apr 23, 2021 · Updated Sep 16, 2024

Regular expression Denial of Service (ReDoS) in EmailValidator class in Vaadin 7

CVE-2020-36320

Description

Unsafe validation RegEx in EmailValidator class in com.vaadin:vaadin-server versions 7.0.0 through 7.7.21 (Vaadin 7.0.0 through 7.7.21) allows attackers to cause uncontrolled resource consumption by submitting malicious email addresses.

Affected packages

Versions sourced from the GitHub Security Advisory.

Package | Affected versions | Patched versions
com.vaadin:vaadin-bom (Maven) | >= 7.0.0.beta1, < 7.7.22 | 7.7.22
com.vaadin:vaadin-server (Maven) | >= 7.0.0.beta1, < 7.7.22 | 7.7.22
