PT-2019-20081 · Marked · Marked
Published
2019-06-05
·
Updated
2019-06-05
CVSS v3.1
5.3
Medium
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L |
Name of the Vulnerable Software and Affected Versions
marked versions 0.3.14 through 0.6.1
Description
The issue allows attackers to potentially crash the node process due to resource exhaustion by evaluating email addresses in quadratic time.
Recommendations
For marked versions 0.3.14 through 0.6.1, upgrade to version 0.6.2 or later.
Fix
Resource Exhaustion
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Marked