peviitor-ro / search-engine

search-engine for jobs
https://peviitor.ro/

@adobe/css-tools Improper Input Validation and Inefficient Regular Expression Complexity #396

Closed AvramLavinia closed 9 months ago

AvramLavinia commented 10 months ago

ENVIRONMENT: PROD

STEPS TO REPRODUCE:

  1. open GitHub REPOSITORY
  2. go to Security tab
  3. click on Dependabot
  4. check for Moderate security incidents (@adobe/css-tools)

EXPECTED RESULTS: No security incidents

ACTUAL RESULTS: @adobe/css-tools version 4.3.1 and earlier are affected by an Improper Input Validation vulnerability that could result in a denial of service while attempting to parse CSS.

Recommended steps to fix this issue:

  1. Update the Package: npm install @adobe/css-tools@4.3.2
  2. Verify the Update: npm list @adobe/css-tools

P.S.: your @adobe/css-tools version is 4.3.1; update it to 4.3.2. Maybe the code will need some changes too after this update.
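A lockfile check for the verification step above, as an added example that is not part of the issue thread or the repository's code: it lists every copy of @adobe/css-tools below 4.3.2, including nested transitive copies that a top-level update can leave behind. It assumes a package-lock.json with lockfileVersion 2 or 3 (the `packages` map); the sample lockfile and the `example-parent` package are constructed.

```javascript
// Added example: flag every locked copy of @adobe/css-tools older than 4.3.2.
const PKG = "@adobe/css-tools";
const FIXED = "4.3.2"; // fixed version named in the issue

// Parse "x.y.z" with an optional "-prerelease" suffix; null if malformed.
function parseVersion(v) {
  const m = /^(\d+)\.(\d+)\.(\d+)(-[0-9A-Za-z.-]+)?/.exec(v);
  if (!m) return null;
  return { nums: [Number(m[1]), Number(m[2]), Number(m[3])], pre: Boolean(m[4]) };
}

// True when `version` sorts before FIXED. Unparseable versions are flagged
// for manual review instead of being silently treated as safe.
function isBelowFixed(version) {
  const v = parseVersion(version);
  const f = parseVersion(FIXED);
  if (!v) return true;
  for (let i = 0; i < 3; i++) {
    if (v.nums[i] !== f.nums[i]) return v.nums[i] < f.nums[i];
  }
  return v.pre; // e.g. 4.3.2-beta.1 sorts before 4.3.2
}

// `lock` is the parsed package-lock.json, for example
// JSON.parse(fs.readFileSync("package-lock.json", "utf8")).
function findVulnerableCopies(lock) {
  const hits = [];
  for (const [path, meta] of Object.entries(lock.packages || {})) {
    // Keys look like "node_modules/a/node_modules/@adobe/css-tools".
    if (!path.endsWith("node_modules/" + PKG)) continue;
    const version = String(meta.version);
    if (isBelowFixed(version)) hits.push({ path, version });
  }
  return hits;
}

// Constructed sample: the top-level copy is updated, a nested copy is not.
const sampleLock = {
  lockfileVersion: 3,
  packages: {
    "": { name: "sample-app" },
    "node_modules/@adobe/css-tools": { version: "4.3.2" },
    "node_modules/example-parent": { version: "1.0.0" },
    "node_modules/example-parent/node_modules/@adobe/css-tools": { version: "4.3.1" },
  },
};

console.log(findVulnerableCopies(sampleLock));
```

An empty result means no locked copy is below the fixed version; any hit names the dependency path that still pins the old release.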

sebiboga commented 9 months ago

this was fixed