CVE-2021-36716
npm/is-email
Improper Input Validation
A ReDoS (regular expression denial of service) flaw was found in the Segment is-email package for Node.js. An attacker that is able to provide crafted input to the isEmail(input)
function may cause an application to consume an excessive amount of CPU.
All versions before 1.0.1
Upgrade to version 1.0.1 or above.
2021-07-19
source |