Description
A vulnerability classified as problematic has been found in debug-js debug up to 3.0.x. This affects the function useColors of the file src/node.js. The manipulation of the argument str leads to inefficient regular expression complexity. Upgrading to version 3.1.0 is able to address this issue.
Recommendation
Update the debug package to the latest compatible version. Followings are version details:
Affected version(s): **>= 3.0.0, < 3.1.0 < 2.6.9** Patched version(s): **3.1.0 2.6.9**
References
Related Issues
- XSS in the `of` option of the `.position()` util in jquery-ui - CVE-2021-41184
- [email protected] contains malware after npm account takeover - CVE-2025-59144
- NextJS-Auth0 SDK Vulnerable to CDN Caching of Session Cookies - CVE-2025-48947
- Strapi allows Server-Side Request Forgery in Webhook function - CVE-2024-52588
- Tags:
- npm
- debug
Anything's wrong? Let us know Last updated on October 24, 2023