Regular Expression Denial Of Service (ReDoS)

scss-tokenizer is vulnerable to regular expression denial of service. The vulnerability exists in the loadAnnotation function of previous-map.js due to the insecure regex pattern used in the match attribute, allowing an attacker to crash the application by providing malicious input...

GHSA-7MWH-4PQV-WMR8 Regular expression denial of service in scss-tokenizer

All versions of the package scss-tokenizer prior to 0.4.3 are vulnerable to Regular Expression Denial of Service ReDoS via the loadAnnotation function, due to the usage of insecure regex...

CVE-2022-25758

All versions of package scss-tokenizer are vulnerable to Regular Expression Denial of Service ReDoS via the loadAnnotation function, due to the usage of insecure regex...

CVE-2022-25758

All versions of package scss-tokenizer are vulnerable to Regular Expression Denial of Service ReDoS via the loadAnnotation function, due to the usage of insecure regex...

UBUNTU-CVE-2022-25758

All versions of package scss-tokenizer are vulnerable to Regular Expression Denial of Service ReDoS via the loadAnnotation function, due to the usage of insecure regex...

CVE-2022-25758

All versions of package scss-tokenizer are vulnerable to Regular Expression Denial of Service ReDoS via the loadAnnotation function, due to the usage of insecure regex...

CVE-2022-25758 Regular Expression Denial of Service (ReDoS)

All versions of package scss-tokenizer are vulnerable to Regular Expression Denial of Service ReDoS via the loadAnnotation function, due to the usage of insecure regex...

CVE-2022-25758

All versions of package scss-tokenizer are vulnerable to Regular Expression Denial of Service ReDoS via the loadAnnotation function, due to the usage of insecure regex...

PT-2022-17493 · Unknown · Scss-Tokenizer

Name of the Vulnerable Software and Affected Versions: scss-tokenizer versions prior to 0.4.3 Description: The issue is related to a Regular Expression Denial of Service ReDoS in the scss-tokenizer package. This occurs via the loadAnnotation function due to the usage of insecure regex...

scss-tokenizer 安全漏洞

scss-tokenizer is Sass Tools open source a Sass SCSS syntax of the splitter . scss-tokenizer has a security vulnerability , the vulnerability stems from the use of insecure regular expressions , all versions of the package scss-tokenizer are susceptible to regular expression denial of service ReD...

Regular Expression Denial of Service (ReDoS)

Overview Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS via the loadAnnotation function, due to the usage of insecure regex. PoC js var scss = require"scss-tokenizer" function buildattackn var ret = "a" for var i = 0; i n; i++ ret += "/...

CVE-2021-23382

The package postcss before 8.2.13 are vulnerable to Regular Expression Denial of Service ReDoS via getAnnotationURL and loadAnnotation in lib/previous-map.js. The vulnerable regexes are caused mainly by the sub-pattern /\s sourceMappingURL=...

DEBIAN-CVE-2021-23382

The package postcss before 8.2.13 are vulnerable to Regular Expression Denial of Service ReDoS via getAnnotationURL and loadAnnotation in lib/previous-map.js. The vulnerable regexes are caused mainly by the sub-pattern /\s sourceMappingURL=...

CVE-2021-23382

The package postcss before 8.2.13 are vulnerable to Regular Expression Denial of Service ReDoS via getAnnotationURL and loadAnnotation in lib/previous-map.js. The vulnerable regexes are caused mainly by the sub-pattern /\s sourceMappingURL=...

Regular Expression Denial of Service (ReDoS)

Overview postcss is a PostCSS is a tool for transforming styles with JS plugins. Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS via getAnnotationURL and loadAnnotation in lib/previous-map.js. The vulnerable regexes are caused mainly by the sub-patte...