5.3
CVE-2021-23388
- EPSS 0.37%
- Veröffentlicht 01.06.2021 14:15:08
- Zuletzt bearbeitet 21.11.2024 05:51:37
- Quelle report@snyk.io
- CVE-Watchlists
- Unerledigt
LoginThe package forms before 1.2.1, from 1.3.0 and before 1.3.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via email validation.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Forms Project ≫ Forms SwPlatformnode.js Version < 1.2.1
Forms Project ≫ Forms SwPlatformnode.js Version >= 1.3.0 < 1.3.2
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.37% | 0.559 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.3 | 3.9 | 1.4 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:N/I:N/A:P
|
| report@snyk.io | 5.3 | 3.9 | 1.4 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
|