CVE-2020-36320

Uncontrolled Resource Consumption in maven/com.vaadin/vaadin-server

Identifier

CVE-2020-36320

Package Slug

maven/com.vaadin/vaadin-server

Vulnerability

Uncontrolled Resource Consumption

Description

Unsafe validation RegEx in EmailValidator class in com.vaadin:vaadin-server allows attackers to cause uncontrolled resource consumption by submitting malicious email addresses.

Affected Versions

All versions starting from 7.0.0 before 7.7.22

Solution

Upgrade to version 7.7.22 or higher.

Last Modified

2021-05-07

source