EUVD-2021-1045

Malware in sbrugna...

Regular Expression Denial of Service

Overview All versions of package dat.gui are vulnerable to Regular Expression Denial of Service ReDoS via specifically crafted rgb and rgba values. Recommendation Avoid using dat.gui as there is no current safe version of this module References - CVE - GitHub Advisory...

Regular Expression Denial of Service in dat.gui

All versions of package dat.gui are vulnerable to Regular Expression Denial of Service ReDoS via specifically crafted rgb and rgba values...

GHSA-CHWR-HF3W-C984 Regular Expression Denial of Service in dat.gui

All versions of package dat.gui are vulnerable to Regular Expression Denial of Service ReDoS via specifically crafted rgb and rgba values...

CVE-2020-7755

All versions of package dat.gui are vulnerable to Regular Expression Denial of Service ReDoS via specifically crafted rgb and rgba values...

CVE-2020-7755

All versions of package dat.gui are vulnerable to Regular Expression Denial of Service ReDoS via specifically crafted rgb and rgba values...

Input validation

All versions of package dat.gui are vulnerable to Regular Expression Denial of Service ReDoS via specifically crafted rgb and rgba values...

CVE-2020-7755 Regular Expression Denial of Service (ReDoS)

All versions of package dat.gui are vulnerable to Regular Expression Denial of Service ReDoS via specifically crafted rgb and rgba values...

CVE-2020-7755

CVE-2020-7755 affects the JavaScript package dat.gui. All versions are vulnerable to a Regular Expression Denial of Service (ReDoS) triggered by specially crafted rgb/rgba values, due to a problematic regex pattern (e.g., in interpret.js per Veracode reference). Impact is potential DoS; exploitat...

Regular Expression Denial Of Service (ReDoS)

dat.gui is vulnerable to regular expression denial of service. The sub-pattern \s.+\s in interpret.js and can be exploited to cause a denial of service...