The package browserslist from 4.0.0 and before 4.16.5 are vulnerable to Regular Expression Denial of Service (ReDoS) during parsing of queries.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 12 | all | node-browserslist | < 4.16.3+~cs5.4.72-2 | node-browserslist_4.16.3+~cs5.4.72-2_all.deb |
Debian | 11 | all | node-browserslist | < 4.16.3+~cs5.4.72-2 | node-browserslist_4.16.3+~cs5.4.72-2_all.deb |
Debian | 10 | all | node-browserslist | <= 2.11.3-1 | node-browserslist_2.11.3-1_all.deb |
Debian | 999 | all | node-browserslist | < 4.16.3+~cs5.4.72-2 | node-browserslist_4.16.3+~cs5.4.72-2_all.deb |
Debian | 13 | all | node-browserslist | < 4.16.3+~cs5.4.72-2 | node-browserslist_4.16.3+~cs5.4.72-2_all.deb |