The following versions of node-email-verifier are currently receiving security updates:
| Version | Supported |
|---|---|
| 3.1.x | ✅ |
| 3.0.x | ✅ |
| < 3.0 | ❌ |
If you discover a security vulnerability in node-email-verifier, please report it by:
- Email: Send details to
[email protected] - Do NOT open a public issue
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Suggested fix (if any)
- Response Time: You'll receive an acknowledgment within 48 hours
- Updates: We'll keep you informed about our progress
- Resolution: Security patches are typically released within 7-14 days
- Credit: We'll credit you in the release notes (unless you prefer to remain anonymous)
This project validates email formats and checks MX records. Security issues might include:
- ReDoS (Regular Expression Denial of Service) vulnerabilities
- DNS injection possibilities
- Issues that could leak sensitive information
Thank you for helping keep node-email-verifier secure! 🔐