NodeJS/browserslist/4.9.0
Share target browsers between different front-end tools, like Autoprefixer, Stylelint and babel-env-preset
https://www.npmjs.com/package/browserslist
MIT
1 Security Vulnerabilities
Regular Expression Denial of Service in browserslist
Published date: 2021-05-24T19:52:40Z
CVE: CVE-2021-23364
Links:
- https://nvd.nist.gov/vuln/detail/CVE-2021-23364
- https://github.com/advisories/GHSA-w8qv-6jwh-64r5
- https://github.com/browserslist/browserslist/pull/593
- https://github.com/browserslist/browserslist/commit/c091916910dfe0b5fd61caad96083c6709b02d98
- https://github.com/browserslist/browserslist/blob/e82f32d1d4100d6bc79ea0b6b6a2d281a561e33c/index.js%23L472-L474
- https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1277182
- https://snyk.io/vuln/SNYK-JS-BROWSERSLIST-1090194
The package browserslist from 4.0.0 and before 4.16.5 are vulnerable to Regular Expression Denial of Service (ReDoS) during parsing of queries.
Affected versions: ["4.16.4", "4.16.3", "4.16.2", "4.16.1", "4.16.0", "4.15.0", "4.14.7", "4.14.6", "4.14.5", "4.14.4", "4.14.3", "4.14.2", "4.14.1", "4.14.0", "4.13.0", "4.12.2", "4.12.1", "4.12.0", "4.11.1", "4.11.0", "4.10.0", "4.9.1", "4.9.0", "4.8.7", "4.8.6", "4.8.5", "4.8.4", "4.8.3", "4.8.2", "4.8.1", "4.8.0", "4.7.3", "4.7.2", "4.7.1", "4.7.0", "4.6.6", "4.6.5", "4.6.4", "4.6.3", "4.6.2", "4.6.1", "4.6.0", "4.5.6", "4.5.5", "4.5.4", "4.5.3", "4.5.2", "4.5.1", "4.5.0", "4.4.2", "4.4.1", "4.4.0", "4.3.7", "4.3.6", "4.3.5", "4.3.4", "4.3.3", "4.3.2", "4.3.1", "4.3.0", "4.2.1", "4.2.0", "4.1.2", "4.1.1", "4.1.0", "4.0.2", "4.0.1", "4.0.0"]
Secure versions: [0.1.0, 0.1.1, 0.1.2, 0.1.3, 0.2.0, 0.3.0, 0.3.1, 0.3.2, 0.3.3, 0.4.0, 0.5.0, 1.0.0, 1.0.1, 1.1.0, 1.1.1, 1.1.2, 1.1.3, 1.2.0, 1.3.0, 1.3.1, 1.3.2, 1.3.3, 1.3.4, 1.3.5, 1.3.6, 1.4.0, 1.5.0, 1.5.1, 1.5.2, 1.6.0, 1.7.0, 1.7.1, 1.7.2, 1.7.3, 1.7.4, 1.7.5, 1.7.6, 1.7.7, 2.0.0, 2.1.0, 2.1.1, 2.1.2, 2.1.3, 2.1.4, 2.1.5, 2.10.0, 2.10.1, 2.10.2, 2.11.0, 2.11.1, 2.11.2, 2.11.3, 2.2.0, 2.2.1, 2.2.2, 2.3.0, 2.3.1, 2.3.2, 2.3.3, 2.4.0, 2.5.0, 2.5.1, 2.6.0, 2.6.1, 2.7.0, 2.8.0, 2.9.0, 2.9.1, 3.0.0, 3.1.0, 3.1.1, 3.1.2, 3.2.0, 3.2.1, 3.2.2, 3.2.3, 3.2.4, 3.2.5, 3.2.6, 3.2.7, 3.2.8, 4.16.5, 4.16.6, 4.16.7, 4.16.8, 4.17.0, 4.17.1, 4.17.2, 4.17.3, 4.17.4, 4.17.5, 4.17.6, 4.18.0, 4.18.1, 4.19.0, 4.19.1, 4.19.2, 4.19.3, 4.20.0, 4.20.1, 4.20.2, 4.20.3, 4.20.4, 4.21.0, 4.21.1, 4.21.10, 4.21.11, 4.21.2, 4.21.3, 4.21.4, 4.21.5, 4.21.6, 4.21.7, 4.21.8, 4.21.9, 4.22.0, 4.22.1, 4.22.2, 4.22.3, 4.23.0, 4.23.1, 4.23.2, 4.23.3, 4.24.0, 4.24.1, 4.24.2, 4.24.3, 4.24.4, 4.24.5, 4.25.0, 4.25.1, 4.25.2, 4.25.3, 4.25.4, 4.26.0, 4.26.1, 4.26.2, 4.26.3, 4.27.0, 4.28.0, 4.28.1, 4.28.2]
Recommendation: Update to version 4.28.2.
210 Other Versions
| Version | License | Security | Released | |
|---|---|---|---|---|
| 0.4.0 | MIT | 2015-05-02 - 13:38 | almost 11 years | |
| 0.3.3 | MIT | 2015-04-13 - 12:20 | almost 11 years | |
| 0.3.2 | MIT | 2015-04-02 - 15:11 | about 11 years | |
| 0.3.1 | MIT | 2015-02-26 - 22:56 | about 11 years | |
| 0.3.0 | MIT | 2015-02-21 - 12:27 | about 11 years | |
| 0.2.0 | MIT | 2015-01-28 - 14:49 | about 11 years | |
| 0.1.3 | MIT | 2015-01-27 - 23:34 | about 11 years | |
| 0.1.2 | MIT | 2015-01-19 - 17:46 | about 11 years | |
| 0.1.1 | MIT | 2015-01-11 - 18:25 | about 11 years | |
| 0.1.0 | MIT | 2014-12-15 - 08:26 | over 11 years |