The package postcss from 7.0.0 and before 8.2.10 are vulnerable to Regular Expression Denial of Service (ReDoS) during source map parsing.
{ "source": [ "CPE_RANGE", "REFERENCES" ], "cpe": "cpe:2.3:a:postcss:postcss:*:*:*:*:*:node.js:*:*", "extracted_events": [ { "introduced": "7.0.0" }, { "fixed": "7.0.36" }, { "introduced": "8.0.0" }, { "fixed": "8.2.10" } ] }
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-23368.json"