Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:npm/postcss@8.1.1

Type npm

Namespace

Name postcss

Version 8.1.1

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 8.5.10

Latest_non_vulnerable_version 8.5.10

Affected_by_vulnerabilities

url VCID-ecqz-ug4v-1ub4

vulnerability_id VCID-ecqz-ug4v-1ub4

summary

PostCSS line return parsing error
An issue was discovered in PostCSS before 8.4.31. It affects linters using PostCSS to parse external Cascading Style Sheets (CSS). There may be `\r` discrepancies, as demonstrated by `@font-face{ font:(\r/*);}` in a rule.

This vulnerability affects linters using PostCSS to parse external untrusted CSS. An attacker can prepare CSS in such a way that it will contains parts parsed by PostCSS as a CSS comment. After processing by PostCSS, it will be included in the PostCSS output in CSS nodes (rules, properties) despite being originally included in a comment.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-44270.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-44270.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-44270

reference_id

reference_type

scores

value	0.00166
scoring_system	epss
scoring_elements	0.37351
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-44270

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44270
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44270

reference_url

https://github.com/github/advisory-database/issues/2820

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-23T16:38:23Z/

url

https://github.com/github/advisory-database/issues/2820

reference_url

https://github.com/postcss/postcss

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/postcss/postcss

reference_url

https://github.com/postcss/postcss/blob/main/lib/tokenize.js#L25

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-23T16:38:23Z/

url

https://github.com/postcss/postcss/blob/main/lib/tokenize.js#L25

reference_url

https://github.com/postcss/postcss/commit/58cc860b4c1707510c9cd1bc1fa30b423a9ad6c5

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-23T16:38:23Z/

url

https://github.com/postcss/postcss/commit/58cc860b4c1707510c9cd1bc1fa30b423a9ad6c5

reference_url

https://github.com/postcss/postcss/releases/tag/8.4.31

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-23T16:38:23Z/

url

https://github.com/postcss/postcss/releases/tag/8.4.31

reference_url

https://lists.debian.org/debian-lts-announce/2024/12/msg00025.html

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2024/12/msg00025.html

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2023-44270

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2023-44270

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053282
reference_id	1053282
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053282

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2326998
reference_id	2326998
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2326998

reference_url	https://github.com/advisories/GHSA-7fh5-64p2-3v2j
reference_id	GHSA-7fh5-64p2-3v2j
reference_type
scores
url	https://github.com/advisories/GHSA-7fh5-64p2-3v2j

reference_url	https://access.redhat.com/errata/RHSA-2024:10517
reference_id	RHSA-2024:10517
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:10517

reference_url	https://access.redhat.com/errata/RHSA-2024:10908
reference_id	RHSA-2024:10908
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:10908

reference_url	https://access.redhat.com/errata/RHSA-2025:0654
reference_id	RHSA-2025:0654
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:0654

reference_url	https://access.redhat.com/errata/RHSA-2025:0892
reference_id	RHSA-2025:0892
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:0892

reference_url	https://access.redhat.com/errata/RHSA-2025:1824
reference_id	RHSA-2025:1824
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:1824

reference_url	https://access.redhat.com/errata/RHSA-2025:1829
reference_id	RHSA-2025:1829
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:1829

reference_url	https://access.redhat.com/errata/RHSA-2025:1865
reference_id	RHSA-2025:1865
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:1865

reference_url	https://access.redhat.com/errata/RHSA-2025:1866
reference_id	RHSA-2025:1866
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:1866

reference_url	https://access.redhat.com/errata/RHSA-2025:2652
reference_id	RHSA-2025:2652
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:2652

reference_url	https://access.redhat.com/errata/RHSA-2025:3069
reference_id	RHSA-2025:3069
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3069

fixed_packages

url pkg:npm/postcss@8.4.31

purl pkg:npm/postcss@8.4.31

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-hd76-gtac-wub9

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/postcss@8.4.31

aliases CVE-2023-44270, GHSA-7fh5-64p2-3v2j

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ecqz-ug4v-1ub4

url VCID-hd76-gtac-wub9

vulnerability_id VCID-hd76-gtac-wub9

summary postcss: PostCSS: Cross-Site Scripting (XSS) via improper escaping of style closing tags

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-41305.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-41305.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-41305

reference_id

reference_type

scores

value	0.00011
scoring_system	epss
scoring_elements	0.01491
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-41305

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-41305
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-41305

reference_url

https://github.com/postcss/postcss

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/postcss/postcss

reference_url

https://github.com/postcss/postcss/releases/tag/8.5.10

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-24T16:22:58Z/

url

https://github.com/postcss/postcss/releases/tag/8.5.10

reference_url

https://github.com/postcss/postcss/security/advisories/GHSA-qx2v-qp2m-jg93

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-24T16:22:58Z/

url

https://github.com/postcss/postcss/security/advisories/GHSA-qx2v-qp2m-jg93

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2026-41305

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2026-41305

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2461366
reference_id	2461366
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2461366

reference_url	https://github.com/advisories/GHSA-qx2v-qp2m-jg93
reference_id	GHSA-qx2v-qp2m-jg93
reference_type
scores
url	https://github.com/advisories/GHSA-qx2v-qp2m-jg93

fixed_packages

url	pkg:npm/postcss@8.5.10
purl	pkg:npm/postcss@8.5.10
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:npm/postcss@8.5.10

aliases CVE-2026-41305, GHSA-qx2v-qp2m-jg93

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hd76-gtac-wub9

url VCID-rp36-mkv8-kkdv

vulnerability_id VCID-rp36-mkv8-kkdv

summary nodejs-postcss: ReDoS via getAnnotationURL() and loadAnnotation() in lib/previous-map.js

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23382.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23382.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-23382

reference_id

reference_type

scores

value	0.00071
scoring_system	epss
scoring_elements	0.21778
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-23382

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23382
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23382

reference_url

https://github.com/postcss/postcss/commit/2b1d04c867995e55124e0a165b7c6622c1735956

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/postcss/postcss/commit/2b1d04c867995e55124e0a165b7c6622c1735956

reference_url

https://github.com/postcss/postcss/releases/tag/7.0.36

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/postcss/postcss/releases/tag/7.0.36

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2021-23382

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2021-23382

reference_url

https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1255641

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1255641

reference_url

https://snyk.io/vuln/SNYK-JS-POSTCSS-1255640

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://snyk.io/vuln/SNYK-JS-POSTCSS-1255640

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1954150
reference_id	1954150
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1954150

reference_url

https://github.com/advisories/GHSA-566m-qj78-rww5

reference_id

GHSA-566m-qj78-rww5

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-566m-qj78-rww5

reference_url	https://access.redhat.com/errata/RHSA-2021:2438
reference_id	RHSA-2021:2438
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:2438

reference_url	https://access.redhat.com/errata/RHSA-2021:3917
reference_id	RHSA-2021:3917
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:3917

fixed_packages

url pkg:npm/postcss@8.2.13

purl pkg:npm/postcss@8.2.13

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ecqz-ug4v-1ub4

vulnerability	VCID-hd76-gtac-wub9

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/postcss@8.2.13

aliases CVE-2021-23382, GHSA-566m-qj78-rww5

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rp36-mkv8-kkdv

url VCID-ur4t-97ar-zbdq

vulnerability_id VCID-ur4t-97ar-zbdq

summary nodejs-postcss: Regular expression denial of service during source map parsing

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23368.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23368.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-23368

reference_id

reference_type

scores

value	0.00232
scoring_system	epss
scoring_elements	0.46124
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-23368

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23368
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23368

reference_url

https://github.com/postcss/postcss/commit/54cbf3c4847eb0fb1501b9d2337465439e849734

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/postcss/postcss/commit/54cbf3c4847eb0fb1501b9d2337465439e849734

reference_url

https://github.com/postcss/postcss/commit/8682b1e4e328432ba692bed52326e84439cec9e4

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/postcss/postcss/commit/8682b1e4e328432ba692bed52326e84439cec9e4

reference_url

https://github.com/postcss/postcss/commit/b6f3e4d5a8d7504d553267f80384373af3a3dec5

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/postcss/postcss/commit/b6f3e4d5a8d7504d553267f80384373af3a3dec5

reference_url

https://lists.apache.org/thread.html/r00158f5d770d75d0655c5eef1bdbc6150531606c8f8bcb778f0627be@%3Cdev.myfaces.apache.org%3E

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r00158f5d770d75d0655c5eef1bdbc6150531606c8f8bcb778f0627be@%3Cdev.myfaces.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r16e295b4f02d81b79981237d602cb0b9e59709bafaa73ac98be7cef1@%3Cdev.myfaces.apache.org%3E

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r16e295b4f02d81b79981237d602cb0b9e59709bafaa73ac98be7cef1@%3Cdev.myfaces.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r49afb49b38748897211b1f89c3a64dc27f9049474322b05715695aab@%3Cdev.myfaces.apache.org%3E

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r49afb49b38748897211b1f89c3a64dc27f9049474322b05715695aab@%3Cdev.myfaces.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r5acd89f3827ad9a9cad6d24ed93e377f7114867cd98cfba616c6e013@%3Ccommits.myfaces.apache.org%3E

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r5acd89f3827ad9a9cad6d24ed93e377f7114867cd98cfba616c6e013@%3Ccommits.myfaces.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r8def971a66cf3e375178fbee752e1b04a812a047cc478ad292007e33@%3Cdev.myfaces.apache.org%3E

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r8def971a66cf3e375178fbee752e1b04a812a047cc478ad292007e33@%3Cdev.myfaces.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rad5af2044afb51668b1008b389ac815a28ecea9eb75ae2cab5a00ebb@%3Ccommits.myfaces.apache.org%3E

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rad5af2044afb51668b1008b389ac815a28ecea9eb75ae2cab5a00ebb@%3Ccommits.myfaces.apache.org%3E

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2021-23368

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2021-23368

reference_url

https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1244795

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1244795

reference_url

https://snyk.io/vuln/SNYK-JS-POSTCSS-1090595

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://snyk.io/vuln/SNYK-JS-POSTCSS-1090595

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1948763
reference_id	1948763
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1948763

reference_url	https://access.redhat.com/errata/RHSA-2021:2438
reference_id	RHSA-2021:2438
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:2438

reference_url	https://access.redhat.com/errata/RHSA-2021:3917
reference_id	RHSA-2021:3917
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:3917

fixed_packages

url pkg:npm/postcss@8.2.10

purl pkg:npm/postcss@8.2.10

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ecqz-ug4v-1ub4

vulnerability	VCID-hd76-gtac-wub9

vulnerability	VCID-rp36-mkv8-kkdv

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/postcss@8.2.10

aliases CVE-2021-23368, GHSA-hwj9-h5mp-3pm3

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ur4t-97ar-zbdq

Fixing_vulnerabilities

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:npm/postcss@8.1.1

Package Instance