The css-what package 4.0.0 through 5.0.0 for Node.js does not ensure that attribute parsing has Linear Time Complexity relative to the size of the input.
Published by the National Vulnerability Database
May 28, 2021
Jun 1, 2021
Published to the GitHub Advisory Database
Jun 7, 2021
Nov 29, 2023