Lucene search
K

6 matches found

Node.js
Node.js
added 2021/05/10 6:48 p.m.56 views

Regular Expression Denial of Service

Overview All versions of package dat.gui are vulnerable to Regular Expression Denial of Service ReDoS via specifically crafted rgb and rgba values. Recommendation Avoid using dat.gui as there is no current safe version of this module References - CVE - GitHub Advisory...

5CVSS5.2AI score0.02073EPSS
Exploits1Affected Software1
vulnersOsv
vulnersOsv
added 2021/05/10 6:44 p.m.6 views

@cycle-robot-drivers/run (>=0.0.0 <=1.0.27), @wannaby/wanna-model-viewer (>=0.0.1 <=0.0.10) +17 more potentially affected by CVE-2020-7755 via dat.gui (>=0.6.5 <=0.7.7)

dat.gui NPM version =0.6.5, =0.0.0, =0.0.1, =1.0.0, =3.0.0, =0.0.0, =0.0.0, =1.0.0, =0.6.0, =0.1.0, =0.3.2, =2.0.0, =0.0.7, =0.0.0, =0.0.7 and more Source cves: CVE-2020-7755 Source advisory: OSV:GHSA-CHWR-HF3W-C984...

7.5CVSS7.1AI score0.02073EPSS
Exploits1
NVD
NVD
added 2020/10/27 6:15 p.m.29 views

CVE-2020-7755

All versions of package dat.gui are vulnerable to Regular Expression Denial of Service ReDoS via specifically crafted rgb and rgba values...

7.5CVSS7.5AI score0.02073EPSS
Exploits1References2
Cvelist
Cvelist
added 2020/10/27 5:45 p.m.31 views

CVE-2020-7755 Regular Expression Denial of Service (ReDoS)

All versions of package dat.gui are vulnerable to Regular Expression Denial of Service ReDoS via specifically crafted rgb and rgba values...

7.5CVSS7.5AI score0.02073EPSS
Exploits1References2
CVE
CVE
added 2020/10/27 5:45 p.m.52 views

CVE-2020-7755

CVE-2020-7755 affects the JavaScript package dat.gui. All versions are vulnerable to a Regular Expression Denial of Service (ReDoS) triggered by specially crafted rgb/rgba values, due to a problematic regex pattern (e.g., in interpret.js per Veracode reference). Impact is potential DoS; exploitat...

7.5CVSS7.5AI score0.02073EPSS
Exploits1References2Affected Software1
vulnersOsv
vulnersOsv
added 2020/10/07 1:13 p.m.3 views

@cycle-robot-drivers/run (>=0.0.0 <=1.0.27), @wannaby/wanna-model-viewer (>=0.0.1 <=0.0.10) +17 more potentially affected by CVE-2020-7755 via dat.gui (>=0.6.5 <=0.7.7)

dat.gui NPM version =0.6.5, =0.0.0, =0.0.1, =1.0.0, =3.0.0, =0.0.0, =0.0.0, =1.0.0, =0.6.0, =0.1.0, =0.3.2, =2.0.0, =0.0.7, =0.0.0, =0.0.7 and more Source cves: CVE-2020-7755 Source advisory: SNYK:JS-DATGUI-1016275...

7.5CVSS7.1AI score0.02073EPSS
Exploits1
Rows per page
Query Builder