CVE-2023-39619

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Oct 25, 2023
Updated: Nov 7, 2023
CWE ID 1333

Summary

CVE-2023-39619 is a recently disclosed vulnerability affecting the NPMJS Node Email Check version 1.0.4. An attacker can exploit this ReDoS (Recursive Denial of Service) vulnerability in the scpSyntax component by sending a crafted string. This can lead to a denial of service condition, preventing the email check service from functioning properly. The vulnerability allows an attacker to manipulate the input, resulting in excessive resource consumption and potential service disruption. Users are advised to upgrade to a patched version of the email check library to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share