Vulnerabilities: 1 via 2 paths

Dependencies: 133

Source: GitHub

medium severity
new

Uncontrolled Recursion

  • Vulnerable module: postcss-selector-parser
  • Introduced through: tailwindcss@3.4.19

Detailed paths

  • Introduced through: tbmhelper@Catatomik/TBMHelper › tailwindcss@3.4.19 › postcss-selector-parser@6.1.2
  • Introduced through: tbmhelper@Catatomik/TBMHelper › tailwindcss@3.4.19 › postcss-nested@6.2.0 › postcss-selector-parser@6.1.2

Overview

Affected versions of this package are vulnerable to Uncontrolled Recursion via the `toString` function used in AST serialization. An attacker can trigger the recursion by providing specially crafted input, potentially resulting in resource exhaustion and application unavailability.

Remediation

There is no fixed version for postcss-selector-parser.
