2 matches found
CVE-2022-31103
Lettersanitizer is a DOM-based HTML email sanitizer. All versions below 1.0.2 are affected by a denial-of-service when processing the CSS at-rule @keyframes. The issue also affects React Letter via dependency on lettersanitizer. Root cause: improper handling of CSS at-rules in the sanitizer, lead...
CVE-2022-31103 Improper handling of CSS at-rules in lettersanitizer
lettersanitizer is a DOM-based HTML email sanitizer for in-browser email rendering. All versions of lettersanitizer below 1.0.2 are affected by a denial of service issue when processing a CSS at-rule @keyframes. This package is depended on by react-letter, therefore everyone using react-letter is...