PT-2021-22479 · Ifttt+1 · Ifttt+1

Rasmus Petersen · Published 2021-09-20 · Updated 2021-10-04 · CVE-2021-39229

CVSS v4.0: 8.7 (High)

Vector: AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Name of the Vulnerable Software and Affected Versions

Apprise versions prior to 0.9.5.1

Description

The issue affects users of Apprise who have granted access to the IFTTT plugin, making them subject to a denial of service attack due to an inefficient regular expression. The vulnerable regular expression is located in the NotifyIFTTT.py file. This issue has been patched in release version 0.9.5.1.

Recommendations

For versions prior to 0.9.5.1, update to Apprise v0.9.5.1 by running pip install apprise==0.9.5.1. As a temporary workaround for users unable to upgrade, consider removing the apprise/plugins/NotifyIFTTT.py file to eliminate the vulnerable service, although this will disable IFTTT notification functionality.
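
One way to check a Python environment against the recommendations above. This is an added example, not code from Apprise or from this advisory. The function names and the three result labels are assumptions made for illustration; the fixed version and the plugin path are the ones stated above.

```python
import importlib.metadata as md
import importlib.util
import os
import re

FIXED = (0, 9, 5, 1)  # first patched release named in the advisory

def release_tuple(version):
    """Numeric release part of a version string; rc/dev/post suffixes are ignored."""
    m = re.match(r"\d+(?:\.\d+)*", version.strip())
    if not m:
        raise ValueError(f"unparseable version: {version!r}")
    return tuple(int(p) for p in m.group(0).split("."))

def is_affected(version):
    """True when version is older than 0.9.5.1 (so 0.9.5 counts as affected)."""
    rel = release_tuple(version)
    width = max(len(rel), len(FIXED))
    pad = lambda t: t + (0,) * (width - len(t))
    return pad(rel) < pad(FIXED)

def classify(version, plugin_present):
    """Map (installed version, NotifyIFTTT.py present?) to a finding."""
    if not is_affected(version):
        return "patched"
    return "vulnerable" if plugin_present else "workaround-applied"

def local_state():
    """Installed Apprise version and whether the IFTTT plugin file exists.
    Nothing from apprise is imported. Returns None if apprise is absent."""
    try:
        version = md.version("apprise")
    except md.PackageNotFoundError:
        return None
    spec = importlib.util.find_spec("apprise")
    roots = list(spec.submodule_search_locations or []) if spec else []
    present = any(os.path.isfile(os.path.join(r, "plugins", "NotifyIFTTT.py"))
                  for r in roots)
    return version, present

if __name__ == "__main__":
    state = local_state()
    if state is None:
        print("apprise is not installed in this environment")
    else:
        print(f"apprise {state[0]}: {classify(*state)}")
```

Run it with the interpreter of each virtual environment or container image that ships Apprise, since the result applies only to the environment it runs in.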

Exploit

Fix

Resource Exhaustion

Weakness Enumeration

Related Identifiers

CVE-2021-39229
GHSA-QHMP-H54X-38QR
PYSEC-2021-327

Affected Products

Apprise
Ifttt