14 matches found
EUVD-2021-1238
Malware in sbrugna...
CVE-2021-29060
A Regular Expression Denial of Service ReDOS vulnerability was found in Color-String, which occurs when the application is provided and checks a crafted invalid HWB string. The highest threat from this vulnerability is to system availability...
Regular Expression Denial Of Service (ReDoS)
color-string is vulnerable to regular expression denial of service. An attacker parsing a malicious crafted string that consist of more than 5000 characters into the hwb or hsl function will cause the system to crash...
GHSA-257V-VJ4P-3W2H Regular Expression Denial of Service (ReDOS)
In the npm package color-string, there is a ReDos Regular Expression Denial of Service vulnerability regarding an exponential time complexity for linearly increasing input lengths for hwb color strings. Strings reaching more than 5000 characters would see several milliseconds of processing time;...
Regular Expression Denial of Service (ReDOS)
In the npm package color-string, there is a ReDos Regular Expression Denial of Service vulnerability regarding an exponential time complexity for linearly increasing input lengths for hwb color strings. Strings reaching more than 5000 characters would see several milliseconds of processing time;...
CVE-2021-29060
A Regular Expression Denial of Service ReDOS vulnerability was discovered in Color-String version 1.5.5 and below which occurs when the application is provided and checks a crafted invalid HWB string...
UBUNTU-CVE-2021-29060
A Regular Expression Denial of Service ReDOS vulnerability was discovered in Color-String version 1.5.5 and below which occurs when the application is provided and checks a crafted invalid HWB string...
CVE-2021-29060
A Regular Expression Denial of Service ReDOS vulnerability was discovered in Color-String version 1.5.5 and below which occurs when the application is provided and checks a crafted invalid HWB string...
Design/Logic Flaw
A Regular Expression Denial of Service ReDOS vulnerability was discovered in Color-String version 1.5.5 and below which occurs when the application is provided and checks a crafted invalid HWB string...
CVE-2021-29060
CVE-2021-29060 is a ReDOS in the Node.js color-string module (Color-String) triggered by crafted HWB strings, with IBM security bulletins stating IBM Process Mining and IBM QRadar-related deployments are affected. The vulnerability affects Color-String 1.5.5 and earlier; remediation is to upgrade...
CVE-2021-29060
A Regular Expression Denial of Service ReDOS vulnerability was discovered in Color-String version 1.5.5 and below which occurs when the application is provided and checks a crafted invalid HWB string...
CVE-2021-29060
A Regular Expression Denial of Service ReDOS vulnerability was discovered in Color-String version 1.5.5 and below which occurs when the application is provided and checks a crafted invalid HWB string...
Regular Expression Denial of Service (ReDoS)
Overview color-string is a Parser and generator for CSS color strings Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS via the hwb regular expression in the cs.get.hwb function in index.js. The affected regular expression exhibits quadratic worst-case...
Denial of Service Vulnerability in Multiple ImageMagick Functions
ImageMagick is a set of open-source image processing software from the U.S. company ImageMagick Studio. The software can read, convert and write pictures in a variety of formats. A security vulnerability exists in several functions in ImageMagick versions 7.0.4-9. The vulnerability can be exploit...