vulnerability
Splunk: CVE-2021-23368: Splunk product is vulnerable with third party package
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:N/AC:L/Au:N/C:N/I:N/A:P) | Apr 12, 2021 | Sep 30, 2025 | Dec 18, 2025 |
Severity
5
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:P)
Published
Apr 12, 2021
Added
Sep 30, 2025
Modified
Dec 18, 2025
Description
The package postcss from 7.0.0 and before 8.2.10 are vulnerable to Regular Expression Denial of Service (ReDoS) during source map parsing.
Solution
splunk-upgrade-latest
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.