Lucene search

CVE-2023-44270

🗓️ 29 Sep 2023 22:11:15Reported by GoogleType

osv🔗 osv.dev👁 21 Views

PostCSS v8.4.31 vulnerability: External CSS parsing flaw

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 56
github	PostCSS line return parsing error	30 Sep 202300:31	–	github
cvelist	CVE-2023-44270	29 Sep 202300:00	–	cvelist
ibm	Security Bulletin: IBM Watson Discovery Cartridge for IBM Cloud Pak for Data affected by vulnerability in PostCSS	29 Nov 202314:47	–	ibm
ibm	Security Bulletin: Automation Assets in IBM Cloud Pak for Integration is vulnerable to security restrictions bypass due to PostCSS CVE-2023-44270	5 Dec 202310:14	–	ibm
ibm	Security Bulletin: postcss-8.4.14.tgz is vulnerable to CVE-2023-44270 used in IBM Maximo Application Suite - Edge Data Collector	5 Mar 202409:13	–	ibm
ibm	Security Bulletin: IBM Event Processing is vulnerable to Improper Input Validation due to the PostCSS (CVE-2023-44270).	24 Jan 202410:02	–	ibm
ibm	Security Bulletin: Vulnerability in PostCSS affects IBM Business Automation Workflow - CVE-2023-44270	2 Apr 202406:43	–	ibm
ibm	Security Bulletin: IBM QRadar User Behavior Analytics uses components with known vulnerabilities (CVE-2023-44270, CVE-2023-45133)	5 Dec 202311:32	–	ibm
ibm	Security Bulletin: IBM Storage Fusion may be vulnerable to Injection, Regular Expression Denial of Service (ReDoS), and Arbitrary Code Execution and via use of postcss, semver, babel-traverse (CVE-2023-45133, CVE-2022-25883, CVE-2023-44270)	16 Nov 202321:37	–	ibm
ibm	Security Bulletin: IBM Storage Fusion HCI may be vulnerable to Injection, Regular Expression Denial of Service (ReDoS), and Arbitrary Code Execution and via use of postcss, semver, babel-traverse (CVE-2023-45133, CVE-2022-25883, CVE-2023-44270)	21 Dec 202317:24	–	ibm

Source	Link
github	www.github.com/postcss/postcss/commit/58cc860b4c1707510c9cd1bc1fa30b423a9ad6c5
github	www.github.com/postcss/postcss/releases/tag/8.4.31
github	www.github.com/github/advisory-database/issues/2820
github	www.github.com/postcss/postcss/blob/main/lib/tokenize.js

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

29 Sep 2023 22:15Current

7High risk

Vulners AI Score7

CVSS35.3

EPSS0.00109

SSVC