Description
A vulnerability was found in rgb2hex up to 0.1.5. It has been rated as problematic. This issue affects some unknown processing. The manipulation leads to inefficient regular expression complexity. The attack may be initiated remotely. Upgrading to version 0.1.6 can address this issue.
Recommendation
Update the rgb2hex package to the latest compatible version. Followings are version details:
- Affected version(s): < 0.1.6
- Patched version(s): 0.1.6
References
Related Issues
- markdown-it vulnerable to Inefficient Regular Expression Complexity - CVE-2015-10005
- Cattown is Vulnerable to Uncontrolled Resource Consumption through Inefficient Regular Expression Complexity - CVE-2025-58451
- Moment.js vulnerable to Inefficient Regular Expression Complexity - CVE-2022-31129
- debug Inefficient Regular Expression Complexity vulnerability - CVE-2017-20165
- Tags:
- npm
- rgb2hex
Anything's wrong? Let us know Last updated on October 20, 2023