CVE-2021-23364
CVE-2021-23364 affects the package browserslist . Versions from 4.0.0 and earlier up to but not including 4.16.5 are vulnerable to a Regular Expression Denial of Service (ReDoS) during parsing of queries. The root cause is crude regex-based parsing that can incur excessive CPU for crafted inputs,...