Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Lettersanitizer Project Subscribe
Filtered by product Lettersanitizer
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-31103 1 Lettersanitizer Project 1 Lettersanitizer 2022-07-06 5.0 MEDIUM 7.5 HIGH
lettersanitizer is a DOM-based HTML email sanitizer for in-browser email rendering. All versions of lettersanitizer below 1.0.2 are affected by a denial of service issue when processing a CSS at-rule `@keyframes`. This package is depended on by [react-letter](https://github.com/mat-sz/react-letter), therefore everyone using react-letter is also at risk. The problem has been patched in version 1.0.2.