CVE-2021-23382 Regular Expression Denial of Service (ReDoS)

The package postcss before 8.2.13 are vulnerable to Regular Expression Denial of Service ReDoS via getAnnotationURL and loadAnnotation in lib/previous-map.js. The vulnerable regexes are caused mainly by the sub-pattern /\s sourceMappingURL=...

CVE-2021-23382

The package postcss before 8.2.13 are vulnerable to Regular Expression Denial of Service ReDoS via getAnnotationURL and loadAnnotation in lib/previous-map.js. The vulnerable regexes are caused mainly by the sub-pattern /\s sourceMappingURL=...

CVE-2021-23382

The package postcss before 8.2.13 are vulnerable to Regular Expression Denial of Service ReDoS via getAnnotationURL and loadAnnotation in lib/previous-map.js. The vulnerable regexes are caused mainly by the sub-pattern /\s sourceMappingURL=...

@100mslive/hms-video-react (>=0.3.27 <=0.3.125), @aagames-fe/google-translate (>=0.0.2 <=0.0.14) +394 more potentially affected by CVE-2021-23382 via postcss (>=8.0.0 <=8.2.12)

postcss NPM version =8.0.0, =0.3.27, =0.0.2, =1.1.0, =0.1101.0-next.0, =0.30.7-danger.689b7beb.20, =0.33.2-danger.94e2a1914.37, =0.25.0, =0.2.19, =2.0.174, =2.0.174, =2.0.174, =2.6.25 and more Source cves: CVE-2021-23382 Source advisory: SNYK:JS-POSTCSS-1255640...

-tompan-reacttemplate (>=1.0.1 <=1.1.0), 0x0.icu.anima (=0.1.0) +9334 more potentially affected by CVE-2021-23382 via postcss (>=7.0.0 <=7.0.35)

postcss NPM version =7.0.0, =1.0.1, =1.0.1, =0.1.0, =0.1.2, =0.1.0, =0.1.0, =0.1.1, =1.0.0, =3.4.2 and more Source cves: CVE-2021-23382 Source advisory: SNYK:JS-POSTCSS-1255640...

Regular Expression Denial of Service (ReDoS)

Overview postcss is a PostCSS is a tool for transforming styles with JS plugins. Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS via getAnnotationURL and loadAnnotation in lib/previous-map.js. The vulnerable regexes are caused mainly by the sub-patte...

PT-2021-15478

Name of the Vulnerable Software and Affected Versions postcss versions prior to 7.0.36 postcss versions 8.0.0 through 8.2.13 Description The issue is related to Regular Expression Denial of Service ReDoS via the getAnnotationURL and loadAnnotation functions in lib/previous-map.js. The vulnerable...

postcss 安全漏洞

Andrey Sitnik postcss is an open source application by Andrey Sitnik . Tool for converting styles using JS plug-ins . postcss 8.2.13 version before a security vulnerability , the vulnerability stems from vulnerability to regular expression denial-of-service attacks , vulnerable regular expression...

Regular Expression Denial Of Service (ReDoS)

postcss is vulnerable to regular expression denial of service. The usage of an insecure regular expression in source map parsing allows an attacker to cause a denial of service condition using a URL...

Unspecified vulnerability in Andrey Sitnik postcss

Andrey Sitnik postcss is an open source application by Andrey Sitnik . Used to use the JS plugin to convert the style of the tool . Andrey Sitnik postcss version 7.0.0 and 8.2.10 before a security vulnerability that can be exploited by attackers to cause a denial of service...

CVE-2021-23368

A regular expression denial of service ReDoS vulnerability was found in the npm library postcss. When parsing a supplied CSS string, if it contains an unexpected value then as the supplied CSS grows in length it will take an ever increasing amount of time to process. An attacker can use this...

DEBIAN-CVE-2021-23368

The package postcss from 7.0.0 and before 8.2.10 are vulnerable to Regular Expression Denial of Service ReDoS during source map parsing...

CVE-2021-23368

The package postcss from 7.0.0 and before 8.2.10 are vulnerable to Regular Expression Denial of Service ReDoS during source map parsing...

CVE-2021-23368

The package postcss from 7.0.0 and before 8.2.10 are vulnerable to Regular Expression Denial of Service ReDoS during source map parsing...

Code injection

The package postcss from 7.0.0 and before 8.2.10 are vulnerable to Regular Expression Denial of Service ReDoS during source map parsing...

CVE-2021-23368

The package postcss from 7.0.0 and before 8.2.10 are vulnerable to Regular Expression Denial of Service ReDoS during source map parsing...

UBUNTU-CVE-2021-23368

The package postcss from 7.0.0 and before 8.2.10 are vulnerable to Regular Expression Denial of Service ReDoS during source map parsing...

CVE-2021-23368 Regular Expression Denial of Service (ReDoS)

The package postcss from 7.0.0 and before 8.2.10 are vulnerable to Regular Expression Denial of Service ReDoS during source map parsing...

CVE-2021-23368

CVE-2021-23368 concerns the PostCSS package: versions 7.0.0 up to, but not including, 8.2.10 are vulnerable to a Regular Expression Denial of Service (ReDoS) during source map parsing. The connected documents confirm this vulnerability and link it to the Node.js/npm ecosystem, but do not provide ...

CVE-2021-23368

The package postcss from 7.0.0 and before 8.2.10 are vulnerable to Regular Expression Denial of Service ReDoS during source map parsing...