Filtered by vendor Scss-tokenizer Project
Subscribe
Total
1 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-25758 | 1 Scss-tokenizer Project | 1 Scss-tokenizer | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| All versions of package scss-tokenizer are vulnerable to Regular Expression Denial of Service (ReDoS) via the loadAnnotation() function, due to the usage of insecure regex. | |||||