4 matches found
-tompan-reacttemplate (>=1.0.1 <=1.1.0), 0x0.icu.anima (=0.1.0) +12645 more potentially affected by CVE-2021-23364 via browserslist (>=4.0.0 <=4.16.4)
browserslist NPM version =4.0.0, =1.0.1, =1.1.0 - 0x0.icu.anima =0.1.0 - 0xgank-tea-advice-pull =1.0.0 - 0xgank-tea-balance-pencil =1.0.0 - 0xgank-tea-brick-bell =1.0.0 - 0xgank-tea-cake-victory =1.0.0 - 0xgank-tea-central-compound =1.0.0 - 0xgank-tea-characteristic =1.0.0 -...
CVE-2021-23364
CVE-2021-23364 affects the package browserslist . Versions from 4.0.0 and earlier up to but not including 4.16.5 are vulnerable to a Regular Expression Denial of Service (ReDoS) during parsing of queries. The root cause is crude regex-based parsing that can incur excessive CPU for crafted inputs,...
CVE-2021-23364
The package browserslist from 4.0.0 and before 4.16.5 are vulnerable to Regular Expression Denial of Service ReDoS during parsing of queries...
CVE-2021-23364
The package browserslist from 4.0.0 and before 4.16.5 are vulnerable to Regular Expression Denial of Service ReDoS during parsing of queries...