is-email is an application used to validate email addresses. Segment is-email is vulnerable due to a ReDoS (regular expression denial of service) flaw discovered in Node.js prior to Segment is-email package 1.0.1. An attacker could exploit this flaw to cause the application to consume excessive CPU.