Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
postcss postcss vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2021-23382
The package postcss prior to 8.2.13 are vulnerable to Regular Expression Denial of Service (ReDoS) via getAnnotationURL() and loadAnnotation() in lib/previous-map.js. The vulnerable regexes are caused mainly by the sub-pattern \/\*\s* sourceMappingURL=(.*).
Postcss Postcss
5.3
CVSSv3
CVE-2021-23368
The package postcss from 7.0.0 and prior to 8.2.10 are vulnerable to Regular Expression Denial of Service (ReDoS) during source map parsing.
Postcss Postcss
5.3
CVSSv3
CVE-2023-44270
An issue exists in PostCSS prior to 8.4.31. The vulnerability affects linters using PostCSS to parse external untrusted CSS. An attacker can prepare CSS in such a way that it will contains parts parsed by PostCSS as a CSS comment. After processing by PostCSS, it will be included ...
Postcss Postcss
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started