EPSS
Percentile
45.7%
dat.gui is vulnerable to regular expression denial of service. The sub-pattern \s*(.+)\s* in interpret.js and can be exploited to cause a denial of service.
\s*(.+)\s*
interpret.js
github.com/dataarts/dat.gui/blob/v0.7.7/src/dat/color/interpret.js#L60
github.com/dataarts/dat.gui/blob/v0.7.7/src/dat/color/interpret.js#L78
github.com/dataarts/dat.gui/issues/278
github.com/dataarts/dat.gui/pull/279