CGA-6jqj-g9rj-hr7q

Published

Last updated

https://images.chainguard.dev/security/CGA-6jqj-g9rj-hr7q

Package

kibana-7.17

Latest Update

Under investigation

Aliases

GHSA-36jr-mh4h-2g58

Summary

d3-color vulnerable to ReDoS

Description

The d3-color module provides representations for various color spaces in the browser. Versions prior to 3.1.0 are vulnerable to a Regular expression Denial of Service. This issue has been patched in version 3.1.0. There are no known workarounds.

References

https://github.com/advisories/GHSA-36jr-mh4h-2g58
https://github.com/d3/d3-color/pull/100
https://github.com/d3/d3-color
https://github.com/d3/d3-color/releases/tag/v3.1.0
https://security.snyk.io/vuln/SNYK-JS-D3COLOR-1076592

Updates

Advisories are based on vulnerability information provided by Grype from Anchore. Learn how Chainguard creates security advisories.

CGA-6jqj-g9rj-hr7q

Summary

Description

References

Updates

Product

Why Chainguard

Customers

Company

Resources