fecgov / fec-eregs

The Federal Election Commission's web-based application that makes regulations easier to find, read and understand.
https://www.fec.gov/regulations/

[Snyk:High] Django Regular Expression Denial of Service (ReDoS) (due by 08/17/2023) #773

Closed pkfec closed 1 year ago

pkfec commented 1 year ago

Overview

Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) in the EmailValidator and URLValidator classes when processing a very large number of domain name labels in emails or URLs.

https://app.snyk.io/org/fecgov/project/5e01de94-91bc-43d8-90b1-8843384b4b26#issue-SNYK-PYTHON-DJANGO-5750790

Detailed path:

django@3.2.19, django-haystack@3.1.1 and others

Completion criteria:

pkfec commented 1 year ago

PR #776 merged. Hence closing this issue.
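
A defensive pre-check for the condition described in the overview, as an added example that is not part of the issue thread or the fec-eregs code: bound the input size and the DNS label sizes with plain string operations before any regex-based validator sees the value. The function names and the 2048-character input cap are assumptions chosen for illustration; the 253 and 63 limits are the DNS name and label limits.

```python
# Added example: linear-time size gate to run before a regex-based validator.
from urllib.parse import urlsplit

MAX_HOST_LEN = 253    # DNS limit on a full domain name in text form
MAX_LABEL_LEN = 63    # DNS limit on a single label
MAX_INPUT_LEN = 2048  # assumption: application-chosen cap on the whole value

# Constructed input: an address whose domain has thousands of labels.
OVERSIZED_EMAIL = "user@" + "a." * 5000 + "com"


def host_within_dns_limits(host: str) -> bool:
    """Return True if host fits DNS size limits. No regex, O(n) in len(host)."""
    if host.endswith("."):          # allow one trailing root dot
        host = host[:-1]
    if not host or len(host) > MAX_HOST_LEN:
        return False
    # 253 characters also caps the label count, so many-label input fails here.
    return all(0 < len(label) <= MAX_LABEL_LEN for label in host.split("."))


def precheck_email(value: str) -> bool:
    """Size gate for an e-mail address; syntax is left to the real validator."""
    if len(value) > MAX_INPUT_LEN or "@" not in value:
        return False
    _, _, domain = value.rpartition("@")
    return host_within_dns_limits(domain)


def precheck_url(value: str) -> bool:
    """Size gate for a URL; values without a host are rejected."""
    if len(value) > MAX_INPUT_LEN:
        return False
    try:
        host = urlsplit(value).hostname
    except ValueError:              # e.g. malformed bracketed IPv6 host
        return False
    return host is not None and host_within_dns_limits(host)


if __name__ == "__main__":
    for sample in ("user@example.com", OVERSIZED_EMAIL):
        print(len(sample), precheck_email(sample))
```

Call the pre-check first and pass the value to the validator only when it returns True, so oversized input is rejected at string-scan cost.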