Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Css-what Project Security Vulnerabilities

cve
cve

CVE-2021-33587

The css-what package 4.0.0 through 5.0.0 for Node.js does not ensure that attribute parsing has Linear Time Complexity relative to the size of the input.

7.5CVSS

7.3AI Score

0.002EPSS

2021-05-28 08:15 PM
129
2
cve
cve

CVE-2022-21222

The package css-what before 2.1.3 are vulnerable to Regular Expression Denial of Service (ReDoS) due to the usage of insecure regular expression in the re_attr variable of index.js. The exploitation of this vulnerability could be triggered via the parse function.

7.5CVSS

7.2AI Score

0.001EPSS

2022-09-30 05:15 AM
99
6