Количество 2
Количество 2
CVE-2022-31103
lettersanitizer is a DOM-based HTML email sanitizer for in-browser email rendering. All versions of lettersanitizer below 1.0.2 are affected by a denial of service issue when processing a CSS at-rule `@keyframes`. This package is depended on by [react-letter](https://github.com/mat-sz/react-letter), therefore everyone using react-letter is also at risk. The problem has been patched in version 1.0.2.
GHSA-7r3r-gq8p-v9jj
Improper handling of CSS at-rules in lettersanitizer
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2022-31103 lettersanitizer is a DOM-based HTML email sanitizer for in-browser email rendering. All versions of lettersanitizer below 1.0.2 are affected by a denial of service issue when processing a CSS at-rule `@keyframes`. This package is depended on by [react-letter](https://github.com/mat-sz/react-letter), therefore everyone using react-letter is also at risk. The problem has been patched in version 1.0.2. | CVSS3: 7.5 | 0% Низкий | больше 3 лет назад |
| GHSA-7r3r-gq8p-v9jj Improper handling of CSS at-rules in lettersanitizer | CVSS3: 7.5 | 0% Низкий | больше 3 лет назад |
Уязвимостей на страницу