CVE-2021-29060 - Vulnerability Details - OpenCVE

A Regular Expression Denial of Service (ReDOS) vulnerability was discovered in Color-String version 1.5.5 and below which occurs when the application is provided and checks a crafted invalid HWB string.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact Low

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Color-string Project	Color-string

Configuration 1 [-]

cpe:2.3:a:color-string_project:color-string:*:*:*:*:*:node.js:*:*

No data.

References

Link	Providers
https://github.com/Qix-/color-string/commit/0789e21284c33d89ebc4ab4ca6f759b9375ac9d3
https://github.com/yetingli/PoCs/blob/main/CVE-2021-29060/Color-String.md
https://github.com/yetingli/SaveResults/blob/main/js/color-string.js
https://nvd.nist.gov/vuln/detail/CVE-2021-29060
https://snyk.io/vuln/SNYK-JS-COLORSTRING-1082939
https://www.cve.org/CVERecord?id=CVE-2021-29060
https://www.npmjs.com/package/color-string

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2021-06-21T15:45:53

Updated: 2024-08-03T21:55:12.637Z

Reserved: 2021-03-22T00:00:00

Link: CVE-2021-29060

Vulnrichment

No data.

NVD

Status : Modified

Published: 2021-06-21T16:15:08.113

Modified: 2024-11-21T06:00:37.343

Link: CVE-2021-29060

Redhat

Severity : Moderate

Publid Date: 2021-06-21T00:00:00Z

Links: CVE-2021-29060 - Bugzilla

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "A Regular Expression Denial of Service (ReDOS) vulnerability was discovered in Color-String version 1.5.5 and below which occurs when the application is provided and checks a crafted invalid HWB string."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-06-21T15:45:53", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://github.com/yetingli/SaveResults/blob/main/js/color-string.js"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/Qix-/color-string/commit/0789e21284c33d89ebc4ab4ca6f759b9375ac9d3"}, {"tags": ["x_refsource_MISC"], "url": "https://www.npmjs.com/package/color-string"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/yetingli/PoCs/blob/main/CVE-2021-29060/Color-String.md"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2021-29060", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A Regular Expression Denial of Service (ReDOS) vulnerability was discovered in Color-String version 1.5.5 and below which occurs when the application is provided and checks a crafted invalid HWB string."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://github.com/yetingli/SaveResults/blob/main/js/color-string.js", "refsource": "MISC", "url": "https://github.com/yetingli/SaveResults/blob/main/js/color-string.js"}, {"name": "https://github.com/Qix-/color-string/commit/0789e21284c33d89ebc4ab4ca6f759b9375ac9d3", "refsource": "MISC", "url": "https://github.com/Qix-/color-string/commit/0789e21284c33d89ebc4ab4ca6f759b9375ac9d3"}, {"name": "https://www.npmjs.com/package/color-string", "refsource": "MISC", "url": "https://www.npmjs.com/package/color-string"}, {"name": "https://github.com/yetingli/PoCs/blob/main/CVE-2021-29060/Color-String.md", "refsource": "MISC", "url": "https://github.com/yetingli/PoCs/blob/main/CVE-2021-29060/Color-String.md"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T21:55:12.637Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/yetingli/SaveResults/blob/main/js/color-string.js"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/Qix-/color-string/commit/0789e21284c33d89ebc4ab4ca6f759b9375ac9d3"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.npmjs.com/package/color-string"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/yetingli/PoCs/blob/main/CVE-2021-29060/Color-String.md"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2021-29060", "datePublished": "2021-06-21T15:45:53", "dateReserved": "2021-03-22T00:00:00", "dateUpdated": "2024-08-03T21:55:12.637Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:color-string_project:color-string:*:*:*:*:*:node.js:*:*", "matchCriteriaId": "D2BCC158-C090-46D8-AC7A-9BB2888A36AA", "versionEndExcluding": "1.5.5", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A Regular Expression Denial of Service (ReDOS) vulnerability was discovered in Color-String version 1.5.5 and below which occurs when the application is provided and checks a crafted invalid HWB string."}, {"lang": "es", "value": "Se ha detectado una vulnerabilidad de Expresi\u00f3n Regular de Denegaci\u00f3n de Servicio (ReDOS) en Color-String versi\u00f3n 1.5.5 y por debajo, que ocurre cuando la aplicaci\u00f3n es proporcionada y comprueba una cadena HWB no v\u00e1lida dise\u00f1ada"}], "id": "CVE-2021-29060", "lastModified": "2024-11-21T06:00:37.343", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-06-21T16:15:08.113", "references": [{"source": "cve@mitre.org", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/Qix-/color-string/commit/0789e21284c33d89ebc4ab4ca6f759b9375ac9d3"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Patch", "Third Party Advisory"], "url": "https://github.com/yetingli/PoCs/blob/main/CVE-2021-29060/Color-String.md"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://github.com/yetingli/SaveResults/blob/main/js/color-string.js"}, {"source": "cve@mitre.org", "tags": ["Product"], "url": "https://www.npmjs.com/package/color-string"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/Qix-/color-string/commit/0789e21284c33d89ebc4ab4ca6f759b9375ac9d3"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Patch", "Third Party Advisory"], "url": "https://github.com/yetingli/PoCs/blob/main/CVE-2021-29060/Color-String.md"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://github.com/yetingli/SaveResults/blob/main/js/color-string.js"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Product"], "url": "https://www.npmjs.com/package/color-string"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-770"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "nodejs-color-string: Regular expression denial of service when the application is provided and checks a crafted invalid HWB string", "id": "1974848", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1974848"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.3", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "status": "draft"}, "cwe": "CWE-400", "details": ["A Regular Expression Denial of Service (ReDOS) vulnerability was discovered in Color-String version 1.5.5 and below which occurs when the application is provided and checks a crafted invalid HWB string.", "A Regular Expression Denial of Service (ReDOS) vulnerability was found in Color-String, which occurs when the application is provided and checks a crafted invalid HWB string. The highest threat from this vulnerability is to system availability."], "name": "CVE-2021-29060", "package_state": [{"cpe": "cpe:/a:redhat:logging:5", "fix_state": "Not affected", "package_name": "openshift-logging/kibana6-rhel8", "product_name": "Logging Subsystem for Red Hat OpenShift"}, {"cpe": "cpe:/a:redhat:service_mesh:1", "fix_state": "Will not fix", "impact": "low", "package_name": "servicemesh-grafana", "product_name": "OpenShift Service Mesh 1"}, {"cpe": "cpe:/a:redhat:service_mesh:1", "fix_state": "Will not fix", "impact": "low", "package_name": "servicemesh-prometheus", "product_name": "OpenShift Service Mesh 1"}, {"cpe": "cpe:/a:redhat:service_mesh:2.0", "fix_state": "Will not fix", "package_name": "servicemesh-grafana", "product_name": "OpenShift Service Mesh 2.0"}, {"cpe": "cpe:/a:redhat:service_mesh:2.0", "fix_state": "Will not fix", "package_name": "servicemesh-prometheus", "product_name": "OpenShift Service Mesh 2.0"}, {"cpe": "cpe:/a:redhat:acm:2", "fix_state": "Not affected", "package_name": "rhacm2/console-rhel8", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2"}, {"cpe": "cpe:/a:redhat:acm:2", "fix_state": "Not affected", "package_name": "rhacm2/console-ui-rhel8", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2"}, {"cpe": "cpe:/a:redhat:acm:2", "fix_state": "Not affected", "package_name": "rhacm2/search-ui-rhel8", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2"}, {"cpe": "cpe:/a:redhat:openshift:3.11", "fix_state": "Out of support scope", "impact": "low", "package_name": "kibana", "product_name": "Red Hat OpenShift Container Platform 3.11"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Out of support scope", "impact": "low", "package_name": "kibana", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "impact": "low", "package_name": "openshift4/ose-grafana", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Out of support scope", "impact": "low", "package_name": "openshift4/ose-logging-kibana6", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "impact": "low", "package_name": "openshift4/ose-prometheus", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "impact": "low", "package_name": "openshift4/ose-thanos-rhel8", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:quay:3", "fix_state": "Will not fix", "package_name": "quay/quay-rhel8", "product_name": "Red Hat Quay 3"}, {"cpe": "cpe:/o:redhat:rhev_hypervisor:4", "fix_state": "Will not fix", "impact": "low", "package_name": "ovirt-engine-ui-extensions", "product_name": "Red Hat Virtualization 4"}, {"cpe": "cpe:/o:redhat:rhev_hypervisor:4", "fix_state": "Will not fix", "impact": "low", "package_name": "ovirt-web-ui", "product_name": "Red Hat Virtualization 4"}], "public_date": "2021-06-21T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2021-29060\nhttps://nvd.nist.gov/vuln/detail/CVE-2021-29060\nhttps://snyk.io/vuln/SNYK-JS-COLORSTRING-1082939"], "statement": "OpenShift Service Mesh 1.1.x is in its maintenance phase, only Important and Critical vulnerabilities will be fixed at this time.\nIn OpenShift Container Platform (OCP) and OpenShift Service Mesh (OSSM) some components include the vulnerable color-string library, but access is protected by OpenShift OAuth what reducing impact by this flaw to LOW.\nStarting in OCP 4.7, the kibana component is shipping as \"container first\" content and as a part of the OpenShift Logging product (openshift-logging/kibana6-rhel8) and is not affected by this vulnerability. The kibana components delivered in OCP 4.6 and earlier are marked as `Out of support scope` because these versions are already under Maintenance Phase of the support.\nIn Red Hat Advanced Cluster Management for Kubernetes (RHACM) all containers are using the 1.5.5 fixed version, hence not RHACM version is affected by this flaw.\nIn Red Hat Virtualization a vulnerable version of color-string is used in ovirt-web-ui and ovirt-engine-ui-extensions. It is a build-time dependency not exploitable in the delivered product. Therefore impact is rated Low and it will not be immediately fixed. An update may be provided in future releases.", "threat_severity": "Moderate"}