GHSA-prr3-c3m5-p7q2

Suggest an improvement
Source
https://github.com/advisories/GHSA-prr3-c3m5-p7q2
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/11/GHSA-prr3-c3m5-p7q2/GHSA-prr3-c3m5-p7q2.json
JSON Data
https://api.osv.dev/v1/vulns/GHSA-prr3-c3m5-p7q2
Aliases
  • CVE-2023-48631
Published
2023-11-30T19:51:29Z
Modified
2023-12-14T22:02:39Z
Severity
  • 5.0 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L CVSS Calculator
Summary
@adobe/css-tools Improper Input Validation and Inefficient Regular Expression Complexity
Details

Impact

@adobe/css-tools version 4.3.1 and earlier are affected by an Improper Input Validation vulnerability that could result in a denial of service while attempting to parse CSS.

Patches

The issue has been resolved in 4.3.2.

Workarounds

None

References

N/A

References

Affected packages

npm / @adobe/css-tools

Package

Name
@adobe/css-tools
View open source insights on deps.dev
Purl
pkg:npm/%40adobe/css-tools

Affected ranges

Type
SEMVER
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.3.2