CVE-2022-21222
CVE-2022-21222 affects the Node.js package css-what prior to version 2.1.3. The vulnerability stems from an insecure regular expression in the re_attr variable of index.js, enabling Regular Expression Denial of Service (ReDoS) via the parse function. Affected users should upgrade to 2.1.3 or newe...