CVE-2023-26364
MEDIUM5.0EPSS 0.28%@adobe/css-tools Regular Expression Denial of Service (ReDOS) while Parsing CSS
發布日:2023/8/29修改日:2026/5/4
描述
### Impact @adobe/css-tools version 4.3.0 and earlier are affected by an Improper Input Validation vulnerability that could result in a denial of service while attempting to parse CSS. ### Patches The issue has been resolved in 4.3.1. ### Workarounds None ### References N/A
受影響套件(1)
- npm/@adobe/css-toolsfrom 0, < 4.3.1
CVSS 分數
| 來源 | 版本 | 嚴重程度 | 向量 |
|---|---|---|---|
| osv | CVSS 3.1 | MEDIUM5.0 | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L |