@adobe/css-tools@4.1.0 vulnerabilities
CSS parser / stringifier
-
latest version
4.4.1
-
latest non vulnerable version
-
first published
2 years ago
-
latest version published
2 days ago
-
licenses detected
- >=0
Direct Vulnerabilities
Known vulnerabilities in the @adobe/css-tools package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
@adobe/css-tools is a CSS parser / stringifier for Node.js Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) when parsing CSS. An attacker can exploit an inefficient regular expression with a crafted input string. How to fix Regular Expression Denial of Service (ReDoS)? Upgrade |
<4.3.2
|
@adobe/css-tools is a CSS parser / stringifier for Node.js Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) via the How to fix Regular Expression Denial of Service (ReDoS)? Upgrade |
<4.3.1
|