CVE-2021-23364

Uncontrolled Resource Consumption in npm/browserslist

Identifier

CVE-2021-23364

Package Slug

npm/browserslist

Vulnerability

Uncontrolled Resource Consumption

Description

The package browserslist from are vulnerable to Regular Expression Denial of Service (ReDoS) during parsing of queries.

Affected Versions

All versions starting from 4.0.0 before 4.16.5

Solution

Upgrade to version 4.16.5 or above.

Last Modified

2021-05-06

source