validate-color is vulnerable to regular expression denial of service (ReDoS) attacks. A remote attacker is able to cause denial of service conditions via injecting crafted invalid rgb(a) strings through validateHTMLColorRgb
function.
CPE | Name | Operator | Version |
---|---|---|---|
validate-color | le | 2.2.1 | |
validate-color | le | 2.2.1 |