NodeJS/css-what/4.0.0

a CSS selector parser

Repo Link: https://www.npmjs.com/package/css-what
License: BSD-2-Clause

1 Security Vulnerabilities

Denial of service in css-what

Published date: 2021-06-07T22:11:39Z

CVE: CVE-2021-33587

Links:

The css-what package 4.0.0 through 5.0.0 for Node.js does not ensure that attribute parsing has Linear Time Complexity relative to the size of the input.

Affected versions: ["4.0.0", "5.0.0"]

Secure versions: [2.1.3, 3.0.0, 3.0.1, 3.0.2, 3.1.0, 3.2.0, 3.2.1, 3.3.0, 3.4.0, 3.4.1, 3.4.2, 5.0.1, 5.1.0, 6.0.0, 6.0.1, 6.1.0]

Recommendation: Update to version 6.1.0.

24 Other Versions

Version	License	Security	Released
6.1.0	BSD-2-Clause		2022-03-31 - 13:20	about 2 years
6.0.1	BSD-2-Clause		2021-12-27 - 10:46	over 2 years
6.0.0	BSD-2-Clause		2021-12-26 - 23:10	over 2 years
5.1.0	BSD-2-Clause		2021-10-10 - 11:05	over 2 years
5.0.1	BSD-2-Clause		2021-05-28 - 18:35	almost 3 years
5.0.0	BSD-2-Clause	1	2021-03-09 - 04:02	about 3 years
4.0.0	BSD-2-Clause	1	2020-10-13 - 07:04	over 3 years
3.4.2	BSD-2-Clause		2020-10-09 - 18:45	over 3 years
3.4.1	BSD-2-Clause		2020-10-01 - 19:43	over 3 years
3.4.0	BSD-2-Clause		2020-10-01 - 18:17	over 3 years
3.3.0	BSD-2-Clause		2020-05-31 - 21:14	almost 4 years
3.2.1	BSD-2-Clause		2019-11-09 - 22:39	over 4 years
3.2.0	BSD-2-Clause		2019-08-02 - 19:24	over 4 years
3.1.0	BSD-2-Clause		2019-07-23 - 01:11	over 4 years
3.0.2	BSD-2-Clause		2019-07-13 - 19:37	almost 5 years
3.0.1	BSD-2-Clause		2019-07-13 - 19:36	almost 5 years
3.0.0	BSD-2-Clause		2019-07-13 - 19:31	almost 5 years
2.1.3	BSD-2-Clause		2019-02-14 - 18:23	about 5 years
2.1.2	BSD-2-Clause	1	2018-10-21 - 22:18	over 5 years
2.1.0	BSD	1	2015-11-22 - 13:25	over 8 years
2.0.2	BSD	1	2015-03-12 - 12:34	about 9 years
2.0.1	BSD	1	2015-03-05 - 17:47	about 9 years
2.0.0	BSD	1	2015-03-01 - 13:46	about 9 years
1.0.0	BSD	1	2015-02-03 - 22:10	about 9 years