How severe is CVE-2017-20165?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.5 out of 10.

What type of vulnerability is CVE-2017-20165?

This is classified as CWE-1333, which is a common weakness in software security.

CVE-2017-20165

HIGH Year: 2017

CVSS v3 Score

7.5

High

CVSS v2 Score

2.7

Low

Weakness Type

CWE-1333

View all →

Vulnerability Description

A vulnerability classified as problematic has been found in debug-js debug up to 3.0.x. This affects the function useColors of the file src/node.js. The manipulation of the argument str leads to inefficient regular expression complexity. Upgrading to version 3.1.0 is able to address this issue. The identifier of the patch is c38a0166c266a679c8de012d4eaccec3f944e685. It is recommended to upgrade the affected component. The identifier VDB-217665 was assigned to this vulnerability.

CVE-2015-10005

HIGH

CVSS:7.5(High)

A vulnerability was found in markdown-it up to 2.x. It has been classified as problematic. Affected is an unknown function of the file lib/common/html_re.js. The manipulation leads to inefficient regu...

CWE-13332015

CVE-2015-8315

HIGH

CVSS:7.5(High)

The ms package before 0.7.1 for Node.js allows attackers to cause a denial of service (CPU consumption) via a long version string, aka a "regular expression denial of service (ReDoS)."

CWE-13332015

CVE-2015-8854

HIGH

CVSS:7.5(High)

The marked package before 0.3.4 for Node.js allows attackers to cause a denial of service (CPU consumption) via unspecified vectors that trigger a "catastrophic backtracking issue for the em inline ru...

CWE-13332015

CVE-2018-25049

HIGH

CVSS:7.5(High)

A vulnerability was found in email-existence. It has been rated as problematic. Affected by this issue is some unknown functionality of the file index.js. The manipulation leads to inefficient regular...

CWE-13332018

CVE-2018-25061

HIGH

CVSS:7.5(High)

A vulnerability was found in rgb2hex up to 0.1.5. It has been rated as problematic. This issue affects some unknown processing. The manipulation leads to inefficient regular expression complexity. The...

CWE-13332018

CVE-2018-25074

HIGH

CVSS:7.5(High)

A vulnerability was found in Prestaul skeemas and classified as problematic. This issue affects some unknown processing of the file validators/base.js. The manipulation of the argument uri leads to in...

CWE-13332018

CVE-2017-20165

Vulnerability Description

Related Vulnerabilities

CVE-2015-10005

CVE-2015-8315

CVE-2015-8854

CVE-2018-25049

CVE-2018-25061

CVE-2018-25074