/
DirectorySecurity AdvisoriesPricing
Sign In
Security Advisories

GHSA-36jr-mh4h-2g58

Published

Last updated

https://github.com/advisories/GHSA-36jr-mh4h-2g58

Severity

Unknown

Summary

d3-color vulnerable to ReDoS

Description

The d3-color module provides representations for various color spaces in the browser. Versions prior to 3.1.0 are vulnerable to a Regular expression Denial of Service. This issue has been patched in version 3.1.0. There are no known workarounds.

References

  • https://github.com/advisories/GHSA-36jr-mh4h-2g58
  • https://github.com/d3/d3-color/pull/100
  • https://github.com/d3/d3-color
  • https://github.com/d3/d3-color/releases/tag/v3.1.0
  • https://security.snyk.io/vuln/SNYK-JS-D3COLOR-1076592

Affected packages

Safe Source for Open Sourceâ„¢
Media KitContact Us
© 2025 Chainguard. All Rights Reserved.
Private PolicyTerms of Use

Products

Chainguard ContainersChainguard LibrariesChainguard VMs

Why Chainguard

FedRAMPPCICVE RemediationGolden Images

Customers

Customer StoriesChainguard Love

Company

About UsPricingContact UsOpen SourceCareersNewsroomLegal

Resources

Unchained BlogEventsTrust CenterDocumentation