← Back

Segment

segment

2 CVEs • 2 products

Products (2)

Click to collapse
Toggle
Is Email
is-email
1 CVE
Is Url
is-url
1 CVE

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2018-25079
1Segment
1Is Url
Nov 21, 2024
Feb 4, 2023
N/A· v4
7.5 HIGH· v3
4.0 MEDIUM· v2
A vulnerability was found in Segmentio is-url up to 1.2.2. It has been rated as problematic. Affected by this issue is some unknown functionality of the file index.js. The manipulation leads to inefficient regular expres...Show more
A vulnerability was found in Segmentio is-url up to 1.2.2. It has been rated as problematic. Affected by this issue is some unknown functionality of the file index.js. The manipulation leads to inefficient regular expression complexity. The attack may be launched remotely. Upgrading to version 1.2.3 is able to address this issue. The patch is identified as 149550935c63a98c11f27f694a7c4a9479e53794. It is recommended to upgrade the affected component. VDB-220058 is the identifier assigned to this vulnerability.Show less
CVE-2021-36716
1Segment
1Is Email
Nov 21, 2024
Jul 14, 2021
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
A ReDoS (regular expression denial of service) flaw was found in the Segment is-email package before 1.0.1 for Node.js. An attacker that is able to provide crafted input to the isEmail(input) function may cause an applic...Show more
A ReDoS (regular expression denial of service) flaw was found in the Segment is-email package before 1.0.1 for Node.js. An attacker that is able to provide crafted input to the isEmail(input) function may cause an application to consume an excessive amount of CPU.Show less