CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-32816

ProtonMail Web Client is the official AngularJS web client for the ProtonMail secure email service. ProtonMail Web Client before version 3.16.60 has a regular expression denial-of-service vulnerability. This was fixed in commit 6687fb. There is a full report available in the referenced GHSL-2021-027.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 51.5%

CVSS Severity

CVSS v3 Score 6.5

CVSS v2 Score 5.0

References

https://github.com/ProtonMail/WebClient/commit/6687fbb867ef872c96cf4fde68cb6e9c58d3fddc
https://securitylab.github.com/advisories/GHSL-2021-027-redos-ProtonMail/
https://github.com/ProtonMail/WebClient/commit/6687fbb867ef872c96cf4fde68cb6e9c58d3fddc
https://securitylab.github.com/advisories/GHSL-2021-027-redos-ProtonMail/

Products affected by CVE-2021-32816

Protonmail » Protonmail » Version: Any

cpe:2.3:a:protonmail:protonmail:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-32816

Products

Pricing

Contact Us