CVE-2021-31405

Uncontrolled Resource Consumption in maven/com.vaadin/vaadin-server

Identifier

CVE-2021-31405

Package Slug

maven/com.vaadin/vaadin-server

Vulnerability

Uncontrolled Resource Consumption

Description

Unsafe validation RegEx in EmailField component of com.vaadin:vaadin-text-field-flow allows attackers to cause uncontrolled resource consumption by submitting malicious email addresses.

Affected Versions

All versions starting from 14.0.6 before 14.4.4, all versions starting from 15.0.0 before 17.0.11

Solution

Upgrade to version 14.4.4 or 17.0.11 or above.

Last Modified

2021-05-10

source