CVE-2025-8263 | prettier up to 3.6.2 parser-postcss.js parseNestedCSS node redos (Issue 17737)

Inserito da Angelo Barbosa | Lug 26, 2025 | CVE

A vulnerability was found in prettier up to 3.6.2. It has been declared as problematic. Affected by this vulnerability is the function parseNestedCSS of the file src/language-css/parser-postcss.js. The manipulation of the argument node leads to inefficient regular expression complexity.

This vulnerability is known as CVE-2025-8263. The attack can be launched remotely. Furthermore, there is an exploit available.

CVE-2025-8263 | prettier up to 3.6.2 parser-postcss.js parseNestedCSS node redos (Issue 17737)

Post correlati

CVE-2024-28784 | IBM QRadar SIEM 7.5 Web UI cross site scripting (XFDB-285893)

CVE-2024-24002 | jshERP 3.3 getListWithStock sql injection (Issue 99)

CVE-2024-13098 | Email Newsletter Plugin up to 1.1 on WordPress cross site scripting

CVE-2024-24862 | Linux Kernel up to 6.9-rc2 pci1xxxx_spi_probe null pointer dereference