Closed kenseehart closed 5 months ago
I attempted to fix this in a PR I made but the maintainer seems to have abandoned this project.
Hi guys, I'm working on refactore it, it will be ready soon
Please use https://github.com/mercs600/vue3-perfect-scrollbar/releases/tag/v2.0.0 to avoid those issues.
PostCSS line return parsing error Moderate severity GitHub Reviewed Published on Sep 29, 2023 to the GitHub Advisory Database • Updated on Nov 4, 2023 Vulnerability details Dependabot alerts 0 Package postcss ( npm ) Affected versions < 8.4.31 Patched versions 8.4.31 Description An issue was discovered in PostCSS before 8.4.31. It affects linters using PostCSS to parse external Cascading Style Sheets (CSS). There may be \r discrepancies, as demonstrated by @font-face{ font:(\r/*);} in a rule.
This vulnerability affects linters using PostCSS to parse external untrusted CSS. An attacker can prepare CSS in such a way that it will contains parts parsed by PostCSS as a CSS comment. After processing by PostCSS, it will be included in the PostCSS output in CSS nodes (rules, properties) despite being originally included in a comment.