Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 476
Alerts This Week
Warning Icon 1 476

Debian 10: DLA-3350-1 Moderate: Node-Css-What ReDoS Issue

debian lts
Calendar Grey March 3, 2023
Dist Debian Esm H88
Ubuntu Security Notice USN-1234-1 addresses a patch for libjpeg-turbo regarding heap overflow risks on April 10, 2023.
node-css-what was vulnerable to Regular Expression Denial of Service (ReDoS) due to the usage of insecure regular expression in the re_attr variable

Summary

For Debian 10 buster, this problem has been fixed in version
2.1.0-1+deb10u1.

We recommend that you upgrade your node-css-what packages.

For the detailed security status of node-css-what please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/source-package/node-css-what

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS


Package: node-css-what
Version: 2.1.0-1
CVE ID: CVE-2022-21222 CVE-2021-33587
Debian Bug: #1032188

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.