vulnerability
Red Hat: CVE-2025-8263: prettier: prettier parseNestedCSS ReDoS
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:L/Au:S/C:N/I:N/A:P) | Jul 28, 2025 | Jul 31, 2025 | Jul 31, 2025 |
Severity
4
CVSS
(AV:N/AC:L/Au:S/C:N/I:N/A:P)
Published
Jul 28, 2025
Added
Jul 31, 2025
Modified
Jul 31, 2025
Description
A vulnerability was found in prettier up to 3.6.2. It has been declared as problematic. Affected by this vulnerability is the function parseNestedCSS of the file src/language-css/parser-postcss.js. The manipulation of the argument node leads to inefficient regular expression complexity. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Solution
no-fix-redhat-rpm-package
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.