Search for packages
| purl | pkg:npm/postcss@8.4.23 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-f8u5-8mj5-7yc6
Aliases: CVE-2023-44270 GHSA-7fh5-64p2-3v2j |
PostCSS line return parsing error An issue was discovered in PostCSS before 8.4.31. It affects linters using PostCSS to parse external Cascading Style Sheets (CSS). There may be `\r` discrepancies, as demonstrated by `@font-face{ font:(\r/*);}` in a rule. This vulnerability affects linters using PostCSS to parse external untrusted CSS. An attacker can prepare CSS in such a way that it will contains parts parsed by PostCSS as a CSS comment. After processing by PostCSS, it will be included in the PostCSS output in CSS nodes (rules, properties) despite being originally included in a comment. |
Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-16T22:39:50.753211+00:00 | GitLab Importer | Affected by | VCID-f8u5-8mj5-7yc6 | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/postcss/CVE-2023-44270.yml | 38.4.0 |
| 2026-04-11T23:59:17.241068+00:00 | GitLab Importer | Affected by | VCID-f8u5-8mj5-7yc6 | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/postcss/CVE-2023-44270.yml | 38.3.0 |
| 2026-04-03T00:02:21.891543+00:00 | GitLab Importer | Affected by | VCID-f8u5-8mj5-7yc6 | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/postcss/CVE-2023-44270.yml | 38.1.0 |