-tompan-reacttemplate (>=1.0.1 <=1.1.0), 0x0.icu.anima (=0.1.0) +9334 more potentially affected by CVE-2021-23382 via postcss (>=7.0.0 <=7.0.35)

postcss NPM version =7.0.0, =1.0.1, =1.0.1, =0.1.0, =0.1.2, =0.1.0, =0.1.0, =0.1.1, =1.0.0, =3.4.2 and more Source cves: CVE-2021-23382 Source advisory: SNYK:JS-POSTCSS-1255640...

@100mslive/hms-video-react (>=0.3.27 <=0.3.125), @aagames-fe/google-translate (>=0.0.2 <=0.0.14) +394 more potentially affected by CVE-2021-23382 via postcss (>=8.0.0 <=8.2.12)

postcss NPM version =8.0.0, =0.3.27, =0.0.2, =1.1.0, =0.1101.0-next.0, =0.30.7-danger.689b7beb.20, =0.33.2-danger.94e2a1914.37, =0.25.0, =0.2.19, =2.0.174, =2.0.174, =2.0.174, =2.6.25 and more Source cves: CVE-2021-23382 Source advisory: SNYK:JS-POSTCSS-1255640...

PT-2021-15478 · Postcss · Postcss

Name of the Vulnerable Software and Affected Versions: postcss versions prior to 7.0.36 postcss versions 8.0.0 through 8.2.13 Description: The issue is related to Regular Expression Denial of Service ReDoS via the getAnnotationURL and loadAnnotation functions in lib/previous-map.js. The vulnerabl...

postcss 安全漏洞

Andrey Sitnik postcss is an open source application by Andrey Sitnik . Tool for converting styles using JS plug-ins . postcss 8.2.13 version before a security vulnerability , the vulnerability stems from vulnerability to regular expression denial-of-service attacks , vulnerable regular expression...

Regular Expression Denial Of Service (ReDoS)

postcss is vulnerable to regular expression denial of service. The usage of an insecure regular expression in source map parsing allows an attacker to cause a denial of service condition using a URL...

Unspecified vulnerability in Andrey Sitnik postcss

Andrey Sitnik postcss is an open source application by Andrey Sitnik . Used to use the JS plugin to convert the style of the tool . Andrey Sitnik postcss version 7.0.0 and 8.2.10 before a security vulnerability that can be exploited by attackers to cause a denial of service...

CVE-2021-23368

A regular expression denial of service ReDoS vulnerability was found in the npm library postcss. When parsing a supplied CSS string, if it contains an unexpected value then as the supplied CSS grows in length it will take an ever increasing amount of time to process. An attacker can use this...

CVE-2021-23368

The package postcss from 7.0.0 and before 8.2.10 are vulnerable to Regular Expression Denial of Service ReDoS during source map parsing...

DEBIAN-CVE-2021-23368

The package postcss from 7.0.0 and before 8.2.10 are vulnerable to Regular Expression Denial of Service ReDoS during source map parsing...

CVE-2021-23368

The package postcss from 7.0.0 and before 8.2.10 are vulnerable to Regular Expression Denial of Service ReDoS during source map parsing...

CVE-2021-23368

The package postcss from 7.0.0 and before 8.2.10 are vulnerable to Regular Expression Denial of Service ReDoS during source map parsing...

Code injection

The package postcss from 7.0.0 and before 8.2.10 are vulnerable to Regular Expression Denial of Service ReDoS during source map parsing...

UBUNTU-CVE-2021-23368

The package postcss from 7.0.0 and before 8.2.10 are vulnerable to Regular Expression Denial of Service ReDoS during source map parsing...

CVE-2021-23368

CVE-2021-23368 concerns the PostCSS package: versions 7.0.0 up to, but not including, 8.2.10 are vulnerable to a Regular Expression Denial of Service (ReDoS) during source map parsing. The connected documents confirm this vulnerability and link it to the Node.js/npm ecosystem, but do not provide ...

CVE-2021-23368 Regular Expression Denial of Service (ReDoS)

The package postcss from 7.0.0 and before 8.2.10 are vulnerable to Regular Expression Denial of Service ReDoS during source map parsing...

CVE-2021-23368

The package postcss from 7.0.0 and before 8.2.10 are vulnerable to Regular Expression Denial of Service ReDoS during source map parsing...

Andrey Sitnik postcss 安全漏洞

Andrey Sitnik postcss is an open source application by Andrey Sitnik . Used to use the JS plugin to convert the style of the tool . Andrey Sitnik postcss version 7.0.0 and 8.2.10 before a security vulnerability that can be exploited by attackers to cause a denial of service...

-tompan-reacttemplate (>=1.0.1 <=1.1.0), 0x0.icu.anima (=0.1.0) +9334 more potentially affected by CVE-2021-23368 via postcss (>=7.0.0 <=7.0.35)

postcss NPM version =7.0.0, =1.0.1, =1.0.1, =0.1.0, =0.1.2, =0.1.0, =0.1.0, =0.1.1, =1.0.0, =3.4.2 and more Source cves: CVE-2021-23368 Source advisory: SNYK:JS-POSTCSS-1090595...

Regular Expression Denial of Service (ReDoS)

Overview postcss is a PostCSS is a tool for transforming styles with JS plugins. Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS during source map parsing. PoC var postcss = require"postcss" function buildattackn var ret = "a/ sourceMappingURL=" for...

@100mslive/hms-video-react (>=0.3.27 <=0.3.59), @aagames-fe/google-translate (>=0.0.2 <=0.0.14) +371 more potentially affected by CVE-2021-23368 via postcss (>=8.0.0 <=8.2.1)

postcss NPM version =8.0.0, =0.3.27, =0.0.2, =1.1.0, =0.1101.0-next.0, =0.30.7-danger.689b7beb.20, =0.33.2-danger.94e2a1914.37, =0.25.0, =0.2.19, =2.0.174, =2.0.174, =2.0.174, =2.6.25 and more Source cves: CVE-2021-23368 Source advisory: SNYK:JS-POSTCSS-1090595...