validate-color is a personal development by Wallace Sidhrée of Norway for validating HTML colors. validate-color v2.1.0 contains a denial-of-service vulnerability that stems from a failure to properly handle crafted invalid rgb(a) strings, which can be exploited by attackers to cause a regular expression denial of service ( ReDOS).
CPE | Name | Operator | Version |
---|---|---|---|
validate-color validate-color v | eq | 2.1.0 |