Regular Expression Denial of Service (ReDoS)
All versions of package scss-tokenizer is vulnerable to Regular Expression Denial of Service (ReDoS) via the loadAnnotation() function, due to the usage of insecure regex.
Advisories for Npm/Scss-Tokenizer package
2022