CVE-2023-26364

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Published Nov 17, 2023

Updated: Nov 24, 2023

CWE ID 20

Summary

CVE-2023-26364 is a vulnerability affecting the @adobe/css-tools package version 4.3.0 and earlier. This issue involves improper input validation, which could lead to a minor denial of service incident as the tool attempts to parse CSS. Unlike more severe vulnerabilities, exploitation of this flaw does not necessitate user interaction or elevated privileges.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Adobe

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sXM6FB
https://www.cve.org/CVERecord?id=CVE-2023-26364
https://nvd.nist.gov/vuln/detail/CVE-2023-26364

Back to Vulnerability Database

CVE-2023-26364

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations