{"id":"CVE-2020-7753","details":"All versions of package trim are vulnerable to Regular Expression Denial of Service (ReDoS) via trim().","aliases":["GHSA-w5p7-h5w8-2hfq"],"modified":"2026-05-04T08:33:28.406731Z","published":"2020-10-27T09:15:12.233Z","withdrawn":"2026-05-04T08:33:28.406731Z","related":["SNYK-JAVA-ORGWEBJARSNPM-1022132","SNYK-JS-TRIM-1017038","SUSE-RU-2024:0511-1","SUSE-SU-2023:2575-1","SUSE-SU-2023:2578-1","SUSE-SU-2023:2579-1","SUSE-SU-2024:0191-1","SUSE-SU-2024:0196-1","SUSE-SU-2024:0486-1","SUSE-SU-2024:0487-1","openSUSE-SU-2024:12723-1"],"references":[{"type":"WEB","url":"https://lists.apache.org/thread.html/r10faad1ef9166d37a1a5c9142b1af7099b8ecdc5ad05c51b8ea993d9%40%3Ccommits.airflow.apache.org%3E"},{"type":"WEB","url":"https://lists.apache.org/thread.html/r51ff3c2a4c7b8402f321eae7e624672cc2295c7bc8c12c8b871f6b0b%40%3Ccommits.airflow.apache.org%3E"},{"type":"WEB","url":"https://lists.apache.org/thread.html/r75b8d0b88833d7d96afcdce3ead65e212572ead4e7a9f34d21040196%40%3Ccommits.airflow.apache.org%3E"},{"type":"WEB","url":"https://lists.apache.org/thread.html/rb8462df3b6484e778905c09cd49a8912e1a302659860017ebe36da03%40%3Ccommits.airflow.apache.org%3E"},{"type":"WEB","url":"https://lists.apache.org/thread.html/rcc7c2865a52b544a8e49386c6880e9b9ab29bfce1052b5569d09ee4a%40%3Ccommits.airflow.apache.org%3E"},{"type":"ADVISORY","url":"https://github.com/component/trim/blob/master/index.js%23L6"},{"type":"EVIDENCE","url":"https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1022132"},{"type":"EVIDENCE","url":"https://snyk.io/vuln/SNYK-JS-TRIM-1017038"}],"affected":[{"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-7753.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}