CVE-2021-23368

Uncontrolled Resource Consumption in npm/postcss

Identifier

CVE-2021-23368

Package Slug

npm/postcss

Vulnerability

Uncontrolled Resource Consumption

Description

The package postcss from are vulnerable to Regular Expression Denial of Service (ReDoS) during source map parsing.

Affected Versions

All versions starting from 7.0.0 before 8.2.10

Solution

Upgrade to version 8.2.10 or above.

Last Modified

2021-05-03

source