CVE-2020-7779: Expression Language Injection

November 26, 2020 (updated July 21, 2021)

All versions of package djvalidator are vulnerable to Regular Expression Denial of Service (ReDoS) by sending crafted invalid emails

References

nvd.nist.gov/vuln/detail/CVE-2020-7779

Detect and mitigate CVE-2020-7779 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →