antonioru / deep-waters

🔥Deep Waters is an easy-to-compose functional validation system for javascript developers 🔥
https://antonioru.gitbook.io/deep-waters/
MIT License
199 stars 9 forks

Security fix for ReDoS #12

Open ready-research opened 3 years ago

ready-research commented 3 years ago

The isEmail functionality uses a vulnerable regex to verify email. This fixes the issue by switching the email pattern to the practical implementation of RFC 5322.

Reported in https://www.huntr.dev/bounties/2f42873d-83d7-4006-aa0e-65d085c01071/
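
A regression check for this kind of fix, as an added example that is not code from this pull request or from deep-waters: a length-bounded validator plus a timing probe that runs the pattern on oversized inputs. The names `isEmailBounded` and `worstCaseMs` are hypothetical, and the pattern is the commonly published simplified RFC 5322 form, assumed here because the PR's own regex is not shown on this page.

```javascript
// Added example; hypothetical names, not the project's code.
// Simplified RFC 5322 pattern as commonly published (assumption):
// dot-separated atoms, no quoted strings, no IP-literal domains.
const ATEXT = "[a-z0-9!#$%&'*+/=?^_`{|}~-]+";
const LABEL = "[a-z0-9](?:[a-z0-9-]*[a-z0-9])?";
const EMAIL_RE = new RegExp(
  "^" + ATEXT + "(?:\\." + ATEXT + ")*@(?:" + LABEL + "\\.)+" + LABEL + "$",
  "i"
);

const MAX_ADDRESS = 254; // practical overall limit derived from RFC 5321
const MAX_LOCAL = 64;    // RFC 5321 limit on the local part

// Reject non-strings and oversized input before the regex engine sees it.
function isEmailBounded(value) {
  if (typeof value !== "string") return false;
  if (value.length === 0 || value.length > MAX_ADDRESS) return false;
  const at = value.lastIndexOf("@");
  if (at < 1 || at > MAX_LOCAL) return false;
  return EMAIL_RE.test(value);
}

// Slowest evaluation (ms) of the bare pattern over constructed oversized
// inputs. The length cap is bypassed on purpose, so a pattern with
// super-linear backtracking shows up as a blown time budget in CI.
function worstCaseMs(sizes = [1000, 10000, 20000]) {
  let worst = 0;
  for (const n of sizes) {
    const samples = [ // constructed inputs, all expected to be rejected
      "a".repeat(n),
      "a@" + "a".repeat(n) + "!",
      "a@" + "a.".repeat(n) + "!",
      "a.".repeat(n) + "@example.com!",
    ];
    for (const s of samples) {
      const start = Date.now();
      EMAIL_RE.test(s);
      worst = Math.max(worst, Date.now() - start);
    }
  }
  return worst;
}
```

Keeping the length check in front of the pattern means the validator's cost stays bounded even if a later edit to the regex reintroduces ambiguity.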