EUVD-2023-2304

Malicious code in bioql PyPI...

EUVD-2023-3011

Malicious code in bioql PyPI...

CVE-2023-48631

@adobe/css-tools versions 4.3.1 and earlier are affected by an Improper Input Validation vulnerability that could result in a denial of service while attempting to parse CSS...

Input validation

@adobe/css-tools versions 4.3.1 and earlier are affected by an Improper Input Validation vulnerability that could result in a denial of service while attempting to parse CSS...

Adobe css-tools Input Validation Error Vulnerability

Adobe css-tools is a CSS parser/string generator for Node.js from Adobe USA. An input validation error vulnerability exists in adobe css-tools version 4.3.1 and earlier, which stems from being affected by incorrect input validation and may result in a denial of service when attempting to parse CS...

@bitfoot/theme-ngx-globular (>=0.1.1 <=0.1.15), @dashkite/genie-pug (>=0.1.0 <=0.7.14) +43 more potentially affected by CVE-2023-48631 via @adobe/css-tools (>=4.2.0 <=4.3.1)

@adobe/css-tools NPM version =4.2.0, =0.1.1, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.0.3, =0.1.26, =3.2.0, =3.1.0, =0.1.0, =0.0.1, =0.0.3, =7.5.3, =0.1.0, =0.1.7 and more Source cves: CVE-2023-48631 Source advisory: OSV:GHSA-PRR3-C3M5-P7Q2...

GHSA-PRR3-C3M5-P7Q2 @adobe/css-tools Improper Input Validation and Inefficient Regular Expression Complexity

Impact @adobe/css-tools version 4.3.1 and earlier are affected by an Improper Input Validation vulnerability that could result in a denial of service while attempting to parse CSS. Patches The issue has been resolved in 4.3.2. Workarounds None References N/A...

SUSE CVE-2023-26364

@adobe/css-tools version 4.3.0 and earlier are affected by an Improper Input Validation vulnerability that could result in a minor denial of service while attempting to parse CSS. Exploitation of this issue does not require user interaction or privileges...

CVE-2023-26364

A flaw was found in Adobe CSS Tools. An improper input validation could result in a minor denial of service while parsing a malicious CSS with the parse component. User interaction and privileges are not required to jeopardize an environment. Mitigation No mitigation is yet available for this...

CVE-2023-26364

@adobe/css-tools version 4.3.0 and earlier are affected by an Improper Input Validation vulnerability that could result in a minor denial of service while attempting to parse CSS. Exploitation of this issue does not require user interaction or privileges...

CVE-2023-26364 Denial of Service of regular expression in package @adobe/css-tools

@adobe/css-tools version 4.3.0 and earlier are affected by an Improper Input Validation vulnerability that could result in a minor denial of service while attempting to parse CSS. Exploitation of this issue does not require user interaction or privileges...

Adobe css-tools security vulnerability

Adobe css-tools is a CSS parser/string generator for Node.js from Adobe USA. A security vulnerability exists in Adobe css-tools version 4.3.0 and prior versions, which stems from incorrect input validation, resulting in a minor denial of service when attempting to parse CSS...

@bitfoot/theme-ngx-globular (>=0.1.1 <=0.1.15), @dashkite/genie-pug (>=0.1.0 <=0.7.14) +42 more potentially affected by CVE-2023-26364 via @adobe/css-tools (>=4.2.0 <=4.3.0-rc.1)

@adobe/css-tools NPM version =4.2.0, =0.1.1, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.0.3, =0.1.26, =3.2.0, =3.1.0, =0.1.0, =0.0.1, =0.0.3, =7.5.3, =7.5.5 - @parker-industries/tensile-ui =0.0.1 and more Source cves: CVE-2023-26364 Source advisory: OSV:GHSA-HPX4-R86G-5JRG...