Description
@adobe/css-tools versions 4.3.1 and earlier are affected by an Improper Input Validation vulnerability that could result in a denial of service while attempting to parse CSS.
Remediation
References
https://github.com/adobe/css-tools/security/advisories/GHSA-prr3-c3m5-p7q2
Related Vulnerabilities
CVE-2019-10335 Vulnerability in maven package org.jenkins-ci.plugins:electricflow
CVE-2021-3859 Vulnerability in maven package io.undertow:undertow-core
CVE-2014-0230 Vulnerability in maven package org.apache.tomcat.embed:tomcat-embed-core
CVE-2023-37943 Vulnerability in maven package org.jenkins-ci.plugins:active-directory
CVE-2023-44487 Vulnerability in maven package io.helidon.http:helidon-http-http2