CVE-2017-20165

See a problem?
Source
https://nvd.nist.gov/vuln/detail/CVE-2017-20165
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-20165.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2017-20165
Aliases
Published
2023-01-09T10:15:10Z
Modified
2024-05-30T01:22:02.976752Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

A vulnerability classified as problematic has been found in debug-js debug up to 3.0.x. This affects the function useColors of the file src/node.js. The manipulation of the argument str leads to inefficient regular expression complexity. Upgrading to version 3.1.0 is able to address this issue. The identifier of the patch is c38a0166c266a679c8de012d4eaccec3f944e685. It is recommended to upgrade the affected component. The identifier VDB-217665 was assigned to this vulnerability.

References

Affected packages

Git / github.com/debug-js/debug

Affected ranges

Type
GIT
Repo
https://github.com/debug-js/debug
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Type
GIT
Repo
https://github.com/visionmedia/debug
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed

Affected versions

0.*

0.1.0
0.2.0
0.3.0
0.4.0
0.4.1
0.5.0
0.6.0
0.7.0
0.7.1
0.7.2
0.7.3
0.7.4
0.8.0
0.8.1

1.*

1.0.0
1.0.1
1.0.2
1.0.3
1.0.4

2.*

2.0.0
2.1.0
2.1.1
2.1.2
2.1.3
2.2.0
2.3.0
2.3.1
2.3.2
2.3.3
2.4.0
2.4.1
2.4.2
2.4.3
2.4.4
2.4.5
2.5.1
2.5.2
2.6.0
2.6.1
2.6.2
2.6.3
2.6.4
2.6.5
2.6.6
2.6.7
2.6.8

3.*

3.0.0
3.0.1