CVE-2021-3807
Summary
| CVE | CVE-2021-3807 |
|---|
| State | PUBLIC |
|---|
| Assigner | [email protected] |
|---|
| Source Priority | CVE Program / NVD first with legacy fallback |
|---|
| Published | 2021-09-17 07:15:00 UTC |
|---|
| Updated | 2023-07-10 19:01:00 UTC |
|---|
| Description | ansi-regex is vulnerable to Inefficient Regular Expression Complexity |
|---|
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|
| CVE-2021-3807 Node.js Vulnerability in NetApp Products | NetApp Product Security |
CONFIRM |
security.netapp.com |
|
| Oracle Critical Patch Update Advisory - April 2022 |
MISC |
www.oracle.com |
|
| Fix potential ReDoS (#37) · chalk/ansi-regex@8d1d7cd · GitHub |
MISC |
github.com |
|
| huntr: Disclose & Fix Security Vulnerabilities in Open Source |
CONFIRM |
huntr.dev |
|
| CVE Program record |
CVE.ORG |
www.cve.org |
canonical |
| NVD vulnerability detail |
NVD |
nvd.nist.gov |
canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 159554 Oracle Enterprise Linux Security Update for nodejs:16 (ELSA-2021-5171)
- 159622 Oracle Enterprise Linux Security Update for nodejs:14 (ELSA-2022-0350)
- 160094 Oracle Enterprise Linux Security Update for nodejs:16 (ELSA-2022-6449)
- 160111 Oracle Enterprise Linux Security Update for nodejs and nodejs-nodemon (ELSA-2022-6595)
- 179932 Debian Security Update for node-ansi-regex (CVE-2021-3807)
- 239970 Red Hat Update for nodejs:16 security (RHSA-2021:5171)
- 239986 Red Hat Update for rh-nodejs14-nodejs and rh-nodejs14-nodejs-nodemon (RHSA-2022:0041)
- 240037 Red Hat Update for nodejs:14 security (RHSA-2022:0246)
- 240051 Red Hat Update for nodejs:14 security (RHSA-2022:0350)
- 240660 Red Hat Update for nodejs:16 (RHSA-2022:6449)
- 240676 Red Hat Update for nodejs and nodejs-nodemon (RHSA-2022:6595)
- 377422 Alibaba Cloud Linux Security Update for nodejs:14 (ALINUX3-SA-2022:0014)
- 751759 SUSE Enterprise Linux Security Update for nodejs8 (SUSE-SU-2022:0563-1)
- 751773 SUSE Enterprise Linux Security Update for nodejs12 (SUSE-SU-2022:0657-1)
- 751781 OpenSUSE Security Update for nodejs12 (openSUSE-SU-2022:0657-1)
- 751783 SUSE Enterprise Linux Security Update for nodejs8 (SUSE-SU-2022:0704-1)
- 751801 SUSE Enterprise Linux Security Update for nodejs14 (SUSE-SU-2022:0715-1)
- 751820 OpenSUSE Security Update for nodejs14 (openSUSE-SU-2022:0715-1)
- 751824 OpenSUSE Security Update for nodejs8 (openSUSE-SU-2022:0704-1)
- 751826 OpenSUSE Security Update for nodejs8 (openSUSE-SU-22022:20000-2)
- 752142 SUSE Enterprise Linux Security Update for nodejs10 (SUSE-SU-2022:1717-1)
- 754116 SUSE Enterprise Linux Security Update for SUSE Manager Client Tools (SUSE-SU-2023:2578-1)
- 755764 SUSE Enterprise Linux Security Update for SUSE Manager Client Tools (SUSE-SU-2024:0487-1)
- 940355 AlmaLinux Security Update for nodejs:16 (ALSA-2021:5171)
- 940448 AlmaLinux Security Update for nodejs:14 (ALSA-2022:0350)
- 940678 AlmaLinux Security Update for nodejs and nodejs-nodemon (ALSA-2022:6595)
- 960322 Rocky Linux Security Update for nodejs:16 (RLSA-2021:5171)
- 960531 Rocky Linux Security Update for nodejs and nodejs-nodemon (RLSA-2022:6595)
- 960863 Rocky Linux Security Update for nodejs:14 (RLSA-2022:0350)
- 980499 Nodejs (npm) Security Update for ansi-regex (GHSA-93q8-gq69-wqmw)
