Vulnerabilities (CVE)

Filtered by vendor Scss-tokenizer Project Subscribe
Filtered by product Scss-tokenizer
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-25758 1 Scss-tokenizer Project 1 Scss-tokenizer 2024-11-21 5.0 MEDIUM 5.3 MEDIUM
All versions of package scss-tokenizer are vulnerable to Regular Expression Denial of Service (ReDoS) via the loadAnnotation() function, due to the usage of insecure regex.