Security
Headlines
HeadlinesLatestCVEs

Headline

GHSA-prr3-c3m5-p7q2: @adobe/css-tools Improper Input Validation and Inefficient Regular Expression Complexity

Impact

@adobe/css-tools version 4.3.1 and earlier are affected by an Improper Input Validation vulnerability that could result in a denial of service while attempting to parse CSS.

Patches

The issue has been resolved in 4.3.2.

Workarounds

None

References

N/A

ghsa
#vulnerability#dos#git

@adobe/css-tools Improper Input Validation and Inefficient Regular Expression Complexity

Moderate severity GitHub Reviewed Published Nov 30, 2023 in adobe/css-tools • Updated Nov 30, 2023

Related news

Red Hat Security Advisory 2024-3989-03

Red Hat Security Advisory 2024-3989-03 - Migration Toolkit for Applications 6.2.3 release. Issues addressed include denial of service, memory leak, and password leak vulnerabilities.

Red Hat Security Advisory 2024-3919-03

Red Hat Security Advisory 2024-3919-03 - Migration Toolkit for Runtimes 1.2.6 release Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link in the References section. Issues addressed include denial of service and spoofing vulnerabilities.

CVE-2023-48631: Improper Input Validation and Inefficient Regular Expression Complexity in @adobe/css-tools

@adobe/css-tools versions 4.3.1 and earlier are affected by an Improper Input Validation vulnerability that could result in a denial of service while attempting to parse CSS.