PT-2018-4701 · Unknown · Jshamcrest

Publicado

2018-05-31

Atualizado

2019-10-09

CVE-2016-10521

CVSS v3.1

7.5

Alta

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions jshamcrest (affected versions not specified)

Description The issue concerns a regular expression denial of service (ReDoS) vulnerability. It occurs when certain types of user input are passed to the emailAddress validator. This can cause a denial of service. The vulnerability was identified on October 25, 2015, and maintainers were notified on the same day, but there was no response.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Resource Exhaustion

RCE

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-400CWE-20

Identificadores relacionados

CVE-2016-10521

GHSA-XJ62-87PG-VCV3

Produtos afetados

Jshamcrest

PT-2018-4701 · Unknown · Jshamcrest

CVE-2016-10521

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 6