Lucene search

CVE-2020-7755

🗓️ 27 Oct 2020 18:12:15Reported by snykType

cve🔗 web.nvd.nist.gov📰️ 2 Media mentions👁 34 Views

All versions of package dat.gui are vulnerable to Regular Expression Denial of Service (ReDoS) via specifically crafted rgb and rgba values

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 7
Cvelist	CVE-2020-7755 Regular Expression Denial of Service (ReDoS)	27 Oct 202017:45	–	cvelist
Veracode	Regular Expression Denial Of Service (ReDoS)	14 Oct 202006:25	–	veracode
Github Security Blog	Regular Expression Denial of Service in dat.gui	10 May 202118:44	–	github
Node.js	Regular Expression Denial of Service	10 May 202118:48	–	nodejs
OSV	Regular Expression Denial of Service in dat.gui	10 May 202118:44	–	osv
Prion	Input validation	27 Oct 202018:15	–	prion
NVD	CVE-2020-7755	27 Oct 202018:15	–	nvd

Nvd

Node

dat.gui_project dat.guiRange<0.7.8

[
  {
    "product": "dat.gui",
    "vendor": "n/a",
    "versions": [
      {
        "lessThan": "unspecified",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
snyk	www.snyk.io/vuln/SNYK-JS-DATGUI-1016275
github	www.github.com/dataarts/dat.gui/issues/278

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

27 Oct 2020 18:15Current

7.5High risk

Vulners AI Score7.5

CVSS25

CVSS37.5

EPSS0.00554

CWE-400