org.webjars.npm:postcss@7.0.27 vulnerabilities
-
latest version
8.4.38
-
latest non vulnerable version
-
first published
8 years ago
-
latest version published
a month ago
-
licenses detected
- [5.0.14,)
-
package manager
Direct Vulnerabilities
Known vulnerabilities in the org.webjars.npm:postcss package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
org.webjars.npm:postcss is a PostCSS is a tool for transforming styles with JS plugins. Affected versions of this package are vulnerable to Improper Input Validation when parsing external Cascading Style Sheets (CSS) with linters using PostCSS. An attacker can cause discrepancies by injecting malicious CSS rules, such as How to fix Improper Input Validation? Upgrade |
[,8.4.31)
|
org.webjars.npm:postcss is a PostCSS is a tool for transforming styles with JS plugins. Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) via PoC
How to fix Regular Expression Denial of Service (ReDoS)? Upgrade |
[8.0.0,8.2.13)
[,7.0.36)
|
org.webjars.npm:postcss is a PostCSS is a tool for transforming styles with JS plugins. Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) during source map parsing. PoC
How to fix Regular Expression Denial of Service (ReDoS)? Upgrade |
[7.0.0,7.0.36)
[8.0.0,8.2.10)
|