CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-36716

A ReDoS (regular expression denial of service) flaw was found in the Segment is-email package before 1.0.1 for Node.js. An attacker that is able to provide crafted input to the isEmail(input) function may cause an application to consume an excessive amount of CPU.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 63.7%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 5.0

References

https://github.com/segmentio/is-email/releases
https://segment.com/docs/release_notes/2021-07-13-cve-2021-36716/
https://github.com/segmentio/is-email/releases
https://segment.com/docs/release_notes/2021-07-13-cve-2021-36716/

Products affected by CVE-2021-36716

Segment » Is-Email » Version: N/A

cpe:2.3:a:segment:is-email:-
Segment » Is-Email » Version: 0.0.1

cpe:2.3:a:segment:is-email:0.0.1
Segment » Is-Email » Version: 0.1.0

cpe:2.3:a:segment:is-email:0.1.0
Segment » Is-Email » Version: 0.1.1

cpe:2.3:a:segment:is-email:0.1.1
Segment » Is-Email » Version: 1.0.0

cpe:2.3:a:segment:is-email:1.0.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-36716

Products

Pricing

Contact Us