Unsafe validation RegEx in EmailValidator component in com.vaadin:vaadin-compatibility-server versions 8.0.0 through 8.12.4 (Vaadin versions 8.0.0 through 8.12.4) allows attackers to cause uncontrolled resource consumption by submitting malicious email addresses.
| Package (Ecosystem) | Introduced | Fixed | Limit |
|---|---|---|---|
| com.vaadin:vaadin-compatibility-server(Maven) | 8.0.0 | 8.13.0 | N/A |
CVSS Metrics
