Описание
@adobe/css-tools version 4.3.0 and earlier are affected by an Improper Input Validation vulnerability that could result in a minor denial of service while attempting to parse CSS. Exploitation of this issue does not require user interaction or privileges.
Уязвимые конфигурации
EPSS
5.3 Medium
CVSS3
Дефекты
Связанные уязвимости
@adobe/css-tools version 4.3.0 and earlier are affected by an Improper Input Validation vulnerability that could result in a minor denial of service while attempting to parse CSS. Exploitation of this issue does not require user interaction or privileges.
@adobe/css-tools Regular Expression Denial of Service (ReDOS) while Parsing CSS
Уязвимость CSS-парсера для Node.js css-tools, связанная с недостаточной проверкой входных данных, позволяющая нарушителю вызвать отказ в обслуживании
EPSS
5.3 Medium
CVSS3