segmentio · markzegarelli · Jul 13, 2021 · Jul 13, 2021 · Jul 13, 2021
@@ -55,4 +55,16 @@ algolia:
   index_name:     segment-docs
   files_to_exclude:
     - _release_notes/*
+    - utils/*
   nodes_to_index: 'p, table#limit'
+  settings:
+    customRanking:
+      - desc(title)
+      - desc(custom_ranking.heading)
+      - asc(custom_ranking.position)
+    attributesForFaceting:
+      - searchable(categories)
+      - searchable(hidden)
+      - searchable(tags)
+      - searchable(title)
+      - type
@@ -0,0 +1,15 @@
+---
+title: CVE-2021-36716 - A ReDoS (Regular Expression Denial of Service)
+description: |
+  A ReDoS (Regular Expression Denial of Service) flaw was identified within the segment “is-email” package prior to version 1.0.1 for Node.js and web browsers as client side code.
+
+  An Attacker that can provide crafted input to the `isEmail(input)` function may cause an application to consume an excessive amount of CPU.
+
+  Credit to Yeting Li for identifying and reporting the vulnerability to Segment.
+
+  The latest version of “is-email” is available in the [segmentio/is-email repository](https://github.com/segmentio/is-email).
+release_type: patch
+product_area: package
+business: false
+team: false
+---