CVE-2021-31405

Uncontrolled Resource Consumption in maven/com.vaadin/flow-client

Identifier

CVE-2021-31405

Package Slug

maven/com.vaadin/flow-client

Vulnerability

Uncontrolled Resource Consumption

Description

Unsafe validation RegEx in the EmailField component of com.vaadin:vaadin-text-field-flow allows attackers to cause uncontrolled resource consumption by submitting malicious email addresses.

Affected Versions

All versions starting from 14.0.6 before 14.4.4, all versions starting from 15.0.0 before 17.0.11

Solution

Upgrade to version 14.4.4 or 17.0.11 or above.

Last Modified

2021-05-10

source