PT-2018-4701 · Unknown · Jshamcrest

Published

2018-05-31

Updated

2019-10-09

CVE-2016-10521

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions jshamcrest (affected versions not specified)

Description The issue concerns a regular expression denial of service (ReDoS) vulnerability. It occurs when certain types of user input are passed to the emailAddress validator. This can cause a denial of service. The vulnerability was identified on October 25, 2015, and maintainers were notified on the same day, but there was no response.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Resource Exhaustion

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-400CWE-20

Related Identifiers

CVE-2016-10521

GHSA-XJ62-87PG-VCV3

Affected Products

Jshamcrest

PT-2018-4701 · Unknown · Jshamcrest

CVE-2016-10521

Weakness Enumeration

Related Identifiers

Affected Products

References · 6