Security Advisory

CVE-2022-21222

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-09-30 05:05:11

Last updated 2025-05-20 16:04:07

Assigner snyk

State PUBLISHED

Description

The package css-what before 2.1.3 are vulnerable to Regular Expression Denial of Service (ReDoS) due to the usage of insecure regular expression in the re_attr variable of index.js. The exploitation of this vulnerability could be triggered via the parse function.

← Browse all CVEs View on cve.org ↗