CVE-2021-3807
HIGHansi-regex - Inefficient Regular Expression Complexity
Title source: llmDescription
ansi-regex is vulnerable to Inefficient Regular Expression Complexity
References (4)
Core 4
Core References
Patch, Third Party Advisory
https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9
Exploit, Issue Tracking, Patch, Third Party Advisory
https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994
Third Party Advisory
https://security.netapp.com/advisory/ntap-20221014-0002/
Patch, Third Party Advisory
https://www.oracle.com/security-alerts/cpuapr2022.html
Scores
CVSS v3
7.5
EPSS
0.0022
EPSS Percentile
43.9%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-1333
Status
published
Products (6)
ansi-regex_project/ansi-regex
3.0.0
ansi-regex_project/ansi-regex
5.0.0
ansi-regex_project/ansi-regex
6.0.0
ansi-regex_project/ansi-regex
4.0.0 - 4.1.1
npm/ansi-regex
6.0.0 - 6.0.1npm
oracle/communications_cloud_native_core_policy
1.15.0
Published
Sep 17, 2021
Tracked Since
Feb 18, 2026