CVE-2021-23382
- Reference to the description:
- Description:
- The package postcss before 8.2.13 are vulnerable to Regular Expression Denial of Service (ReDoS) via getAnnotationURL() and loadAnnotation() in lib/previous-map.js. The vulnerable regexes are caused mainly by the sub-pattern \/\*\s* sourceMappingURL=(.*).
- Last updated date:
- 08/08/2023
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 07/08/2021
- Reference url to background
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 07/08/2021
- Reference url to background