Security Advisory

CVE-2021-23382

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-04-26 15:30:26

Last updated 2024-09-16 23:26:53

Assigner snyk

State PUBLISHED

Description

The package postcss before 8.2.13 are vulnerable to Regular Expression Denial of Service (ReDoS) via getAnnotationURL() and loadAnnotation() in lib/previous-map.js. The vulnerable regexes are caused mainly by the sub-pattern /*s* sourceMappingURL=(.*).

← Browse all CVEs View on cve.org ↗