High severityNVD Advisory· Published Sep 17, 2021· Updated Aug 3, 2024
Inefficient Regular Expression Complexity in chalk/ansi-regex
CVE-2021-3807
Description
ansi-regex is vulnerable to Inefficient Regular Expression Complexity
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
ansi-regex is vulnerable to ReDoS; a crafted string can cause excessive CPU consumption and denial of service.
Vulnerability
The ansi-regex package contains a regular expression vulnerable to inefficient regular expression complexity (ReDoS) [1]. The vulnerability resides in the pattern used to match ANSI escape codes, which exhibits exponential backtracking under certain conditions [2].
Exploitation
An attacker can exploit this by supplying a specially crafted string as input to any application that processes user-controlled text through ansi-regex. No authentication or special privileges are required. The crafted input triggers catastrophic backtracking, causing the regex engine to consume excessive CPU time [2].
Impact
Successful exploitation results in a denial of service (DoS) condition, rendering the application unresponsive due to high CPU utilization. This affects the availability of the service [1].
Mitigation
The vulnerability has been fixed in commits `8d1d7cd` [3] and `419250f` [4]. Users should update to the latest patched version (e.g., v5.0.1 or later) to mitigate the risk.
References
AI Insight generated on May 21, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
ansi-regexnpm | >= 6.0.0, < 6.0.1 | 6.0.1 |
ansi-regexnpm | >= 5.0.0, < 5.0.1 | 5.0.1 |
ansi-regexnpm | >= 4.0.0, < 4.1.1 | 4.1.1 |
ansi-regexnpm | >= 3.0.0, < 3.0.1 | 3.0.1 |
Affected products
184- osv-coords183 versionspkg:apk/chainguard/nodejs-14pkg:npm/ansi-regexpkg:rpm/almalinux/nodejspkg:rpm/almalinux/nodejs-develpkg:rpm/almalinux/nodejs-docspkg:rpm/almalinux/nodejs-full-i18npkg:rpm/almalinux/nodejs-libspkg:rpm/almalinux/nodejs-nodemonpkg:rpm/almalinux/nodejs-packagingpkg:rpm/almalinux/npmpkg:rpm/opensuse/bind&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/dracut-saltboot&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/dracut-saltboot&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/golang-github-lusitaniae-apache_exporter&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/grafana&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/grafana&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/nodejs10&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/nodejs10&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/prometheus-postgres_exporter&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/spacecmd&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/spacecmd&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/wire&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/wire&distro=openSUSE%20Leap%2015.5pkg:rpm/suse/ansible&distro=SUSE%20Manager%20Client%20Tools%2015-BETApkg:rpm/suse/bind&distro=SUSE%20Enterprise%20Storage%207pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-LTSSpkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-LTSSpkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-LTSSpkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-LTSSpkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP1pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP2pkg:rpm/suse/bind&distro=SUSE%20Manager%20Client%20Tools%20for%20SLE%20Micro%205pkg:rpm/suse/dracut-saltboot&distro=SUSE%20Manager%20Client%20Tools%2015pkg:rpm/suse/dracut-saltboot&distro=SUSE%20Manager%20Client%20Tools%2015-BETApkg:rpm/suse/dracut-saltboot&distro=SUSE%20Manager%20Client%20Tools%20Beta%20for%20SLE%20Micro%205pkg:rpm/suse/dracut-saltboot&distro=SUSE%20Manager%20Client%20Tools%20for%20SLE%20Micro%205pkg:rpm/suse/golang-github-boynux-squid_exporter&distro=SUSE%20Manager%20Client%20Tools%2012-BETApkg:rpm/suse/golang-github-boynux-squid_exporter&distro=SUSE%20Manager%20Client%20Tools%2015-BETApkg:rpm/suse/golang-github-lusitaniae-apache_exporter&distro=SUSE%20Manager%20Client%20Tools%2012pkg:rpm/suse/golang-github-lusitaniae-apache_exporter&distro=SUSE%20Manager%20Client%20Tools%2012-BETApkg:rpm/suse/golang-github-lusitaniae-apache_exporter&distro=SUSE%20Manager%20Client%20Tools%2015pkg:rpm/suse/golang-github-lusitaniae-apache_exporter&distro=SUSE%20Manager%20Client%20Tools%2015-BETApkg:rpm/suse/golang-github-lusitaniae-apache_exporter&distro=SUSE%20Manager%20Proxy%20Module%204.3pkg:rpm/suse/golang-github-lusitaniae-apache_exporter&distro=SUSE%20Manager%20Server%20Module%204.3pkg:rpm/suse/golang-github-prometheus-alertmanager&distro=SUSE%20Manager%20Client%20Tools%2012pkg:rpm/suse/golang-github-prometheus-alertmanager&distro=SUSE%20Manager%20Client%20Tools%2012-BETApkg:rpm/suse/golang-github-prometheus-node_exporter&distro=SUSE%20Manager%20Client%20Tools%2012-BETApkg:rpm/suse/golang-github-prometheus-prometheus&distro=SUSE%20Manager%20Client%20Tools%2012pkg:rpm/suse/golang-github-prometheus-prometheus&distro=SUSE%20Manager%20Client%20Tools%2012-BETApkg:rpm/suse/golang-github-prometheus-prometheus&distro=SUSE%20Manager%20Client%20Tools%2015pkg:rpm/suse/golang-github-prometheus-prometheus&distro=SUSE%20Manager%20Client%20Tools%2015-BETApkg:rpm/suse/golang-github-prometheus-promu&distro=SUSE%20Manager%20Client%20Tools%2012-BETApkg:rpm/suse/golang-github-QubitProducts-exporter_exporter&distro=SUSE%20Manager%20Client%20Tools%2012-BETApkg:rpm/suse/golang-github-QubitProducts-exporter_exporter&distro=SUSE%20Manager%20Client%20Tools%2015-BETApkg:rpm/suse/golang-github-QubitProducts-exporter_exporter&distro=SUSE%20Manager%20Client%20Tools%20Beta%20for%20SLE%20Micro%205pkg:rpm/suse/grafana&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP4pkg:rpm/suse/grafana&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP5pkg:rpm/suse/grafana&distro=SUSE%20Manager%20Client%20Tools%2012pkg:rpm/suse/grafana&distro=SUSE%20Manager%20Client%20Tools%2012-BETApkg:rpm/suse/grafana&distro=SUSE%20Manager%20Client%20Tools%2015pkg:rpm/suse/grafana&distro=SUSE%20Manager%20Client%20Tools%2015-BETApkg:rpm/suse/kiwi-desc-saltboot&distro=SUSE%20Manager%20Client%20Tools%2012-BETApkg:rpm/suse/mgr-daemon&distro=SUSE%20Manager%20Client%20Tools%2012pkg:rpm/suse/mgr-daemon&distro=SUSE%20Manager%20Client%20Tools%2015pkg:rpm/suse/mgr-push&distro=SUSE%20Manager%20Client%20Tools%2012-BETApkg:rpm/suse/mgr-push&distro=SUSE%20Manager%20Client%20Tools%2015-BETApkg:rpm/suse/nodejs10&distro=SUSE%20Enterprise%20Storage%206pkg:rpm/suse/nodejs10&distro=SUSE%20Enterprise%20Storage%207pkg:rpm/suse/nodejs10&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-ESPOSpkg:rpm/suse/nodejs10&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-LTSSpkg:rpm/suse/nodejs10&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-ESPOSpkg:rpm/suse/nodejs10&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-LTSSpkg:rpm/suse/nodejs10&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-ESPOSpkg:rpm/suse/nodejs10&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-LTSSpkg:rpm/suse/nodejs10&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Web%20and%20Scripting%2012pkg:rpm/suse/nodejs10&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-BCLpkg:rpm/suse/nodejs10&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-LTSSpkg:rpm/suse/nodejs10&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-BCLpkg:rpm/suse/nodejs10&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-LTSSpkg:rpm/suse/nodejs10&distro=SUSE%20Linux%20Enterprise%20Server%2015-LTSSpkg:rpm/suse/nodejs10&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015pkg:rpm/suse/nodejs10&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP1pkg:rpm/suse/nodejs10&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP2pkg:rpm/suse/nodejs10&distro=SUSE%20Manager%20Proxy%204.1pkg:rpm/suse/nodejs10&distro=SUSE%20Manager%20Retail%20Branch%20Server%204.1pkg:rpm/suse/nodejs10&distro=SUSE%20Manager%20Server%204.1pkg:rpm/suse/nodejs12&distro=SUSE%20Enterprise%20Storage%207pkg:rpm/suse/nodejs12&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-ESPOSpkg:rpm/suse/nodejs12&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-LTSSpkg:rpm/suse/nodejs12&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Web%20and%20Scripting%2012pkg:rpm/suse/nodejs12&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Web%20and%20Scripting%2015%20SP3pkg:rpm/suse/nodejs12&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-BCLpkg:rpm/suse/nodejs12&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-LTSSpkg:rpm/suse/nodejs12&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP2pkg:rpm/suse/nodejs12&distro=SUSE%20Manager%20Proxy%204.1pkg:rpm/suse/nodejs12&distro=SUSE%20Manager%20Retail%20Branch%20Server%204.1pkg:rpm/suse/nodejs12&distro=SUSE%20Manager%20Server%204.1pkg:rpm/suse/nodejs14&distro=SUSE%20Enterprise%20Storage%207pkg:rpm/suse/nodejs14&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-ESPOSpkg:rpm/suse/nodejs14&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-LTSSpkg:rpm/suse/nodejs14&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Web%20and%20Scripting%2012pkg:rpm/suse/nodejs14&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Web%20and%20Scripting%2015%20SP3pkg:rpm/suse/nodejs14&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-BCLpkg:rpm/suse/nodejs14&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-LTSSpkg:rpm/suse/nodejs14&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP2pkg:rpm/suse/nodejs14&distro=SUSE%20Manager%20Proxy%204.1pkg:rpm/suse/nodejs14&distro=SUSE%20Manager%20Retail%20Branch%20Server%204.1pkg:rpm/suse/nodejs14&distro=SUSE%20Manager%20Server%204.1pkg:rpm/suse/nodejs8&distro=SUSE%20Enterprise%20Storage%206pkg:rpm/suse/nodejs8&distro=SUSE%20Enterprise%20Storage%207pkg:rpm/suse/nodejs8&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-ESPOSpkg:rpm/suse/nodejs8&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-LTSSpkg:rpm/suse/nodejs8&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-ESPOSpkg:rpm/suse/nodejs8&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-LTSSpkg:rpm/suse/nodejs8&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-ESPOSpkg:rpm/suse/nodejs8&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-LTSSpkg:rpm/suse/nodejs8&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-BCLpkg:rpm/suse/nodejs8&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-LTSSpkg:rpm/suse/nodejs8&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-BCLpkg:rpm/suse/nodejs8&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-LTSSpkg:rpm/suse/nodejs8&distro=SUSE%20Linux%20Enterprise%20Server%2015-LTSSpkg:rpm/suse/nodejs8&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015pkg:rpm/suse/nodejs8&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP1pkg:rpm/suse/nodejs8&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP2pkg:rpm/suse/nodejs8&distro=SUSE%20Manager%20Proxy%204.1pkg:rpm/suse/nodejs8&distro=SUSE%20Manager%20Retail%20Branch%20Server%204.1pkg:rpm/suse/nodejs8&distro=SUSE%20Manager%20Server%204.1pkg:rpm/suse/nodejs-common&distro=SUSE%20Enterprise%20Storage%206pkg:rpm/suse/nodejs-common&distro=SUSE%20Enterprise%20Storage%207pkg:rpm/suse/nodejs-common&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-ESPOSpkg:rpm/suse/nodejs-common&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-LTSSpkg:rpm/suse/nodejs-common&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-ESPOSpkg:rpm/suse/nodejs-common&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-LTSSpkg:rpm/suse/nodejs-common&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-ESPOSpkg:rpm/suse/nodejs-common&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-LTSSpkg:rpm/suse/nodejs-common&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-BCLpkg:rpm/suse/nodejs-common&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-LTSSpkg:rpm/suse/nodejs-common&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-BCLpkg:rpm/suse/nodejs-common&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-LTSSpkg:rpm/suse/nodejs-common&distro=SUSE%20Linux%20Enterprise%20Server%2015-LTSSpkg:rpm/suse/nodejs-common&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015pkg:rpm/suse/nodejs-common&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP1pkg:rpm/suse/nodejs-common&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP2pkg:rpm/suse/nodejs-common&distro=SUSE%20Manager%20Proxy%204.1pkg:rpm/suse/nodejs-common&distro=SUSE%20Manager%20Retail%20Branch%20Server%204.1pkg:rpm/suse/nodejs-common&distro=SUSE%20Manager%20Server%204.1pkg:rpm/suse/prometheus-blackbox_exporter&distro=SUSE%20Manager%20Client%20Tools%2012-BETApkg:rpm/suse/prometheus-blackbox_exporter&distro=SUSE%20Manager%20Client%20Tools%2015-BETApkg:rpm/suse/prometheus-blackbox_exporter&distro=SUSE%20Manager%20Client%20Tools%20Beta%20for%20SLE%20Micro%205pkg:rpm/suse/prometheus-postgres_exporter&distro=SUSE%20Manager%20Client%20Tools%2012pkg:rpm/suse/prometheus-postgres_exporter&distro=SUSE%20Manager%20Client%20Tools%2012-BETApkg:rpm/suse/prometheus-postgres_exporter&distro=SUSE%20Manager%20Client%20Tools%2015pkg:rpm/suse/prometheus-postgres_exporter&distro=SUSE%20Manager%20Client%20Tools%2015-BETApkg:rpm/suse/python-hwdata&distro=SUSE%20Manager%20Client%20Tools%2012-BETApkg:rpm/suse/python-hwdata&distro=SUSE%20Manager%20Client%20Tools%2015-BETApkg:rpm/suse/python-pyvmomi&distro=SUSE%20Manager%20Client%20Tools%2015-BETApkg:rpm/suse/rhnlib&distro=SUSE%20Manager%20Client%20Tools%2012-BETApkg:rpm/suse/rhnlib&distro=SUSE%20Manager%20Client%20Tools%2015-BETApkg:rpm/suse/spacecmd&distro=SUSE%20Manager%20Client%20Tools%2012pkg:rpm/suse/spacecmd&distro=SUSE%20Manager%20Client%20Tools%2012-BETApkg:rpm/suse/spacecmd&distro=SUSE%20Manager%20Client%20Tools%2015pkg:rpm/suse/spacecmd&distro=SUSE%20Manager%20Client%20Tools%2015-BETApkg:rpm/suse/spacewalk-client-tools&distro=SUSE%20Manager%20Client%20Tools%2012pkg:rpm/suse/spacewalk-client-tools&distro=SUSE%20Manager%20Client%20Tools%2015pkg:rpm/suse/spacewalk-client-tools&distro=SUSE%20Manager%20Client%20Tools%2015-BETApkg:rpm/suse/supportutils-plugin-salt&distro=SUSE%20Manager%20Client%20Tools%2012-BETApkg:rpm/suse/supportutils-plugin-salt&distro=SUSE%20Manager%20Client%20Tools%2015-BETApkg:rpm/suse/supportutils-plugin-susemanager-client&distro=SUSE%20Manager%20Client%20Tools%2012-BETApkg:rpm/suse/supportutils-plugin-susemanager-client&distro=SUSE%20Manager%20Client%20Tools%2015-BETApkg:rpm/suse/system-user-grafana&distro=SUSE%20Manager%20Client%20Tools%2012-BETApkg:rpm/suse/system-user-prometheus&distro=SUSE%20Manager%20Client%20Tools%2012-BETApkg:rpm/suse/uyuni-common-libs&distro=SUSE%20Manager%20Client%20Tools%2012pkg:rpm/suse/uyuni-common-libs&distro=SUSE%20Manager%20Client%20Tools%2012-BETApkg:rpm/suse/uyuni-common-libs&distro=SUSE%20Manager%20Client%20Tools%2015pkg:rpm/suse/uyuni-common-libs&distro=SUSE%20Manager%20Client%20Tools%2015-BETApkg:rpm/suse/uyuni-proxy-systemd-services&distro=SUSE%20Manager%20Client%20Tools%2015pkg:rpm/suse/uyuni-proxy-systemd-services&distro=SUSE%20Manager%20Client%20Tools%2015-BETApkg:rpm/suse/uyuni-proxy-systemd-services&distro=SUSE%20Manager%20Client%20Tools%20Beta%20for%20SLE%20Micro%205pkg:rpm/suse/uyuni-proxy-systemd-services&distro=SUSE%20Manager%20Client%20Tools%20for%20SLE%20Micro%205pkg:rpm/suse/zypp-plugin-spacewalk&distro=SUSE%20Manager%20Client%20Tools%2012pkg:rpm/suse/zypp-plugin-spacewalk&distro=SUSE%20Manager%20Client%20Tools%2015pkg:rpm/suse/zypp-plugin-spacewalk&distro=SUSE%20Manager%20Proxy%20Module%204.2pkg:rpm/suse/zypp-plugin-spacewalk&distro=SUSE%20Manager%20Proxy%20Module%204.3
< 14.21.3-r1+ 182 more
- (no CPE)range: < 14.21.3-r1
- (no CPE)range: >= 6.0.0, < 6.0.1
- (no CPE)range: < 1:16.13.1-3.module_el8.5.0+2605+45d748af
- (no CPE)range: < 1:16.13.1-3.module_el8.5.0+2605+45d748af
- (no CPE)range: < 1:16.13.1-3.module_el8.5.0+2605+45d748af
- (no CPE)range: < 1:16.13.1-3.module_el8.5.0+2605+45d748af
- (no CPE)range: < 1:16.16.0-1.el9_0
- (no CPE)range: < 2.0.15-1.module_el8.6.0+2904+f21ad6f4
- (no CPE)range: < 25-1.module_el8.5.0+246+05401605
- (no CPE)range: < 1:8.1.2-1.16.13.1.3.module_el8.5.0+2605+45d748af
- (no CPE)range: < 9.16.6-150000.12.65.1
- (no CPE)range: < 0.1.1681904360.84ef141-150000.1.50.1
- (no CPE)range: < 0.1.1681904360.84ef141-150000.1.50.1
- (no CPE)range: < 1.0.0-150000.1.20.1
- (no CPE)range: < 9.5.1-150200.3.41.3
- (no CPE)range: < 9.5.8-150200.3.53.2
- (no CPE)range: < 10.24.1-150000.1.44.1
- (no CPE)range: < 10.24.1-150000.1.44.1
- (no CPE)range: < 0.10.1-150000.1.17.1
- (no CPE)range: < 4.3.21-150000.3.98.1
- (no CPE)range: < 4.3.21-150000.3.98.1
- (no CPE)range: < 0.5.0-150000.1.12.3
- (no CPE)range: < 0.5.0-150000.1.12.3
- (no CPE)range: < 2.9.27-159000.3.9.1
- (no CPE)range: < 9.16.6-150000.12.65.1
- (no CPE)range: < 9.16.6-150000.12.65.1
- (no CPE)range: < 9.16.6-150000.12.65.1
- (no CPE)range: < 9.16.6-150000.12.65.1
- (no CPE)range: < 9.16.6-150000.12.65.1
- (no CPE)range: < 9.16.6-150000.12.65.1
- (no CPE)range: < 9.16.6-150000.12.65.1
- (no CPE)range: < 9.16.6-150000.12.65.1
- (no CPE)range: < 0.1.1681904360.84ef141-150000.1.50.1
- (no CPE)range: < 0.1.1681904360.84ef141-159000.3.30.1
- (no CPE)range: < 0.1.1681904360.84ef141-159000.3.30.1
- (no CPE)range: < 0.1.1681904360.84ef141-150000.1.50.1
- (no CPE)range: < 1.6-4.9.2
- (no CPE)range: < 1.6-159000.4.9.1
- (no CPE)range: < 1.0.0-1.21.2
- (no CPE)range: < 1.0.0-4.12.4
- (no CPE)range: < 1.0.0-150000.1.20.1
- (no CPE)range: < 1.0.0-159000.4.12.1
- (no CPE)range: < 1.0.0-150000.1.20.1
- (no CPE)range: < 1.0.0-150000.1.20.1
- (no CPE)range: < 0.26.0-1.24.2
- (no CPE)range: < 0.26.0-4.12.4
- (no CPE)range: < 1.5.0-4.15.4
- (no CPE)range: < 2.45.0-1.50.2
- (no CPE)range: < 2.45.0-4.33.3
- (no CPE)range: < 2.45.0-150000.3.53.1
- (no CPE)range: < 2.45.0-159000.6.33.1
- (no CPE)range: < 0.14.0-4.12.2
- (no CPE)range: < 0.4.0-4.6.2
- (no CPE)range: < 0.4.0-159000.4.6.1
- (no CPE)range: < 0.4.0-159000.4.6.1
- (no CPE)range: < 9.5.1-150200.3.41.3
- (no CPE)range: < 9.5.8-150200.3.53.2
- (no CPE)range: < 9.5.1-1.48.1
- (no CPE)range: < 9.5.8-4.21.2
- (no CPE)range: < 9.5.1-150000.1.48.5
- (no CPE)range: < 9.5.8-159000.4.24.1
- (no CPE)range: < 0.1.1687520761.cefb248-4.15.2
- (no CPE)range: < 4.3.7-1.41.1
- (no CPE)range: < 4.3.7-150000.1.41.1
- (no CPE)range: < 5.0.1-4.21.4
- (no CPE)range: < 5.0.1-159000.4.21.1
- (no CPE)range: < 10.24.1-150000.1.44.1
- (no CPE)range: < 10.24.1-150000.1.44.1
- (no CPE)range: < 10.24.1-150000.1.44.1
- (no CPE)range: < 10.24.1-150000.1.44.1
- (no CPE)range: < 10.24.1-150000.1.44.1
- (no CPE)range: < 10.24.1-150000.1.44.1
- (no CPE)range: < 10.24.1-150000.1.44.1
- (no CPE)range: < 10.24.1-150000.1.44.1
- (no CPE)range: < 10.24.1-1.46.1
- (no CPE)range: < 10.24.1-150000.1.44.1
- (no CPE)range: < 10.24.1-150000.1.44.1
- (no CPE)range: < 10.24.1-150000.1.44.1
- (no CPE)range: < 10.24.1-150000.1.44.1
- (no CPE)range: < 10.24.1-150000.1.44.1
- (no CPE)range: < 10.24.1-150000.1.44.1
- (no CPE)range: < 10.24.1-150000.1.44.1
- (no CPE)range: < 10.24.1-150000.1.44.1
- (no CPE)range: < 10.24.1-150000.1.44.1
- (no CPE)range: < 10.24.1-150000.1.44.1
- (no CPE)range: < 10.24.1-150000.1.44.1
- (no CPE)range: < 12.22.10-4.29.3
- (no CPE)range: < 12.22.10-4.29.3
- (no CPE)range: < 12.22.10-4.29.3
- (no CPE)range: < 12.22.10-1.42.2
- (no CPE)range: < 12.22.10-4.29.3
- (no CPE)range: < 12.22.10-4.29.3
- (no CPE)range: < 12.22.10-4.29.3
- (no CPE)range: < 12.22.10-4.29.3
- (no CPE)range: < 12.22.10-4.29.3
- (no CPE)range: < 12.22.10-4.29.3
- (no CPE)range: < 12.22.10-4.29.3
- (no CPE)range: < 14.19.0-15.27.1
- (no CPE)range: < 14.19.0-15.27.1
- (no CPE)range: < 14.19.0-15.27.1
- (no CPE)range: < 14.19.0-6.24.1
- (no CPE)range: < 14.19.0-15.27.1
- (no CPE)range: < 14.19.0-15.27.1
- (no CPE)range: < 14.19.0-15.27.1
- (no CPE)range: < 14.19.0-15.27.1
- (no CPE)range: < 14.19.0-15.27.1
- (no CPE)range: < 14.19.0-15.27.1
- (no CPE)range: < 14.19.0-15.27.1
- (no CPE)range: < 8.17.0-3.54.2
- (no CPE)range: < 8.17.0-10.19.2
- (no CPE)range: < 8.17.0-3.54.2
- (no CPE)range: < 8.17.0-3.54.2
- (no CPE)range: < 8.17.0-10.19.2
- (no CPE)range: < 8.17.0-10.19.2
- (no CPE)range: < 8.17.0-3.54.2
- (no CPE)range: < 8.17.0-3.54.2
- (no CPE)range: < 8.17.0-3.54.2
- (no CPE)range: < 8.17.0-3.54.2
- (no CPE)range: < 8.17.0-10.19.2
- (no CPE)range: < 8.17.0-10.19.2
- (no CPE)range: < 8.17.0-3.54.2
- (no CPE)range: < 8.17.0-3.54.2
- (no CPE)range: < 8.17.0-3.54.2
- (no CPE)range: < 8.17.0-10.19.2
- (no CPE)range: < 8.17.0-10.19.2
- (no CPE)range: < 8.17.0-10.19.2
- (no CPE)range: < 8.17.0-10.19.2
- (no CPE)range: < 2.0-3.4.1
- (no CPE)range: < 2.0-3.4.1
- (no CPE)range: < 2.0-3.4.1
- (no CPE)range: < 2.0-3.4.1
- (no CPE)range: < 2.0-3.4.1
- (no CPE)range: < 2.0-3.4.1
- (no CPE)range: < 2.0-3.4.1
- (no CPE)range: < 2.0-3.4.1
- (no CPE)range: < 2.0-3.4.1
- (no CPE)range: < 2.0-3.4.1
- (no CPE)range: < 2.0-3.4.1
- (no CPE)range: < 2.0-3.4.1
- (no CPE)range: < 2.0-3.4.1
- (no CPE)range: < 2.0-3.4.1
- (no CPE)range: < 2.0-3.4.1
- (no CPE)range: < 2.0-3.4.1
- (no CPE)range: < 2.0-3.4.1
- (no CPE)range: < 2.0-3.4.1
- (no CPE)range: < 2.0-3.4.1
- (no CPE)range: < 0.24.0-3.6.3
- (no CPE)range: < 0.24.0-159000.3.6.1
- (no CPE)range: < 0.24.0-159000.3.6.1
- (no CPE)range: < 0.10.1-1.17.2
- (no CPE)range: < 0.10.1-3.6.4
- (no CPE)range: < 0.10.1-150000.1.17.1
- (no CPE)range: < 0.10.1-159000.3.6.1
- (no CPE)range: < 2.3.5-15.12.2
- (no CPE)range: < 2.3.5-159000.5.13.1
- (no CPE)range: < 6.7.3-159000.3.6.1
- (no CPE)range: < 5.0.1-24.30.3
- (no CPE)range: < 5.0.1-159000.6.30.1
- (no CPE)range: < 4.3.21-38.121.1
- (no CPE)range: < 5.0.1-41.42.3
- (no CPE)range: < 4.3.21-150000.3.98.1
- (no CPE)range: < 5.0.1-159000.6.42.1
- (no CPE)range: < 4.3.18-52.95.2
- (no CPE)range: < 4.3.18-150000.3.86.2
- (no CPE)range: < 5.0.1-159000.6.48.1
- (no CPE)range: < 1.2.2-9.9.2
- (no CPE)range: < 1.2.2-159000.5.9.1
- (no CPE)range: < 5.0.1-9.15.2
- (no CPE)range: < 5.0.1-159000.6.15.1
- (no CPE)range: < 1.0.0-3.7.2
- (no CPE)range: < 1.0.0-3.7.2
- (no CPE)range: < 4.3.8-1.33.1
- (no CPE)range: < 5.0.1-3.33.3
- (no CPE)range: < 4.3.8-150000.1.33.1
- (no CPE)range: < 5.0.1-159000.3.33.1
- (no CPE)range: < 4.3.10-150000.1.15.1
- (no CPE)range: < 5.0.1-159000.3.9.1
- (no CPE)range: < 5.0.1-159000.3.9.1
- (no CPE)range: < 4.3.10-150000.1.15.1
- (no CPE)range: < 1.0.14-30.42.1
- (no CPE)range: < 1.0.14-150000.3.35.1
- (no CPE)range: < 1.0.14-150000.3.35.1
- (no CPE)range: < 1.0.14-150000.3.35.1
- chalk/chalk/ansi-regexv5Range: unspecified
Patches
4c3c0b3f2736bFix potential ReDoS (#37)
1 file changed · +1 −1
index.js+1 −1 modified@@ -2,7 +2,7 @@ module.exports = ({onlyFirst = false} = {}) => { const pattern = [ - '[\\u001B\\u009B][[\\]()#;?]*(?:(?:(?:[a-zA-Z\\d]*(?:;[-a-zA-Z\\d\\/#&.:=?%@~_]*)*)?\\u0007)', + '[\\u001B\\u009B][[\\]()#;?]*(?:(?:(?:(?:;[-a-zA-Z\\d\\/#&.:=?%@~_]+)*|[a-zA-Z\\d]+(?:;[-a-zA-Z\\d\\/#&.:=?%@~_]*)*)?\\u0007)', '(?:(?:\\d{1,4}(?:;\\d{0,4})*)?[\\dA-PR-TZcf-ntqry=><~]))' ].join('|');
419250fa510bFix potential ReDoS (#37)
1 file changed · +1 −1
index.js+1 −1 modified@@ -2,7 +2,7 @@ module.exports = () => { const pattern = [ - '[\\u001B\\u009B][[\\]()#;?]*(?:(?:(?:[a-zA-Z\\d]*(?:;[a-zA-Z\\d]*)*)?\\u0007)', + '[\\u001B\\u009B][[\\]()#;?]*(?:(?:(?:(?:;[-a-zA-Z\\d\\/#&.:=?%@~_]+)*|[a-zA-Z\\d]+(?:;[a-zA-Z\\d]*)*)?\\u0007)', '(?:(?:\\d{1,4}(?:;\\d{0,4})*)?[\\dA-PRZcf-ntqry=><~]))' ].join('|');
75a657da7af8Fix potential ReDoS (#37)
1 file changed · +1 −1
index.js+1 −1 modified@@ -6,7 +6,7 @@ module.exports = options => { }, options); const pattern = [ - '[\\u001B\\u009B][[\\]()#;?]*(?:(?:(?:[a-zA-Z\\d]*(?:;[-a-zA-Z\\d\\/#&.:=?%@~_]*)*)?\\u0007)', + '[\\u001B\\u009B][[\\]()#;?]*(?:(?:(?:(?:;[-a-zA-Z\\d\\/#&.:=?%@~_]+)*|[a-zA-Z\\d]+(?:;[-a-zA-Z\\d\\/#&.:=?%@~_]*)*)?\\u0007)', '(?:(?:\\d{1,4}(?:;\\d{0,4})*)?[\\dA-PR-TZcf-ntqry=><~]))' ].join('|');
8d1d7cdb5862Fix potential ReDoS (#37)
1 file changed · +1 −1
index.js+1 −1 modified@@ -1,6 +1,6 @@ export default function ansiRegex({onlyFirst = false} = {}) { const pattern = [ - '[\\u001B\\u009B][[\\]()#;?]*(?:(?:(?:[a-zA-Z\\d]*(?:;[-a-zA-Z\\d\\/#&.:=?%@~_]*)*)?\\u0007)', + '[\\u001B\\u009B][[\\]()#;?]*(?:(?:(?:(?:;[-a-zA-Z\\d\\/#&.:=?%@~_]+)*|[a-zA-Z\\d]+(?:;[-a-zA-Z\\d\\/#&.:=?%@~_]*)*)?\\u0007)', '(?:(?:\\d{1,4}(?:;\\d{0,4})*)?[\\dA-PR-TZcf-ntqry=><~]))' ].join('|');
Vulnerability mechanics
Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
14- github.com/advisories/GHSA-93q8-gq69-wqmwghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2021-3807ghsaADVISORY
- app.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908ghsaWEB
- github.com/chalk/ansi-regex/commit/419250fa510bf31b4cc672e76537a64f9332e1f1ghsaWEB
- github.com/chalk/ansi-regex/commit/75a657da7af875b2e2724fd6331bf0a4b23d3c9aghsaWEB
- github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9ghsaWEB
- github.com/chalk/ansi-regex/commit/c3c0b3f2736b9c01feec0fef33980c43720dcde8ghsaWEB
- github.com/chalk/ansi-regex/issues/38ghsaWEB
- github.com/chalk/ansi-regex/issues/38ghsaWEB
- github.com/chalk/ansi-regex/releases/tag/v6.0.1ghsaWEB
- huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994ghsaWEB
- security.netapp.com/advisory/ntap-20221014-0002ghsaWEB
- www.oracle.com/security-alerts/cpuapr2022.htmlghsaWEB
- security.netapp.com/advisory/ntap-20221014-0002/mitre
News mentions
0No linked articles in our index yet.