| Title | prettier <=3.6.2 Inefficient Regular Expression Complexity |
|---|
| Description | A potential Regular Expression Denial of Service (ReDoS) vulnerability has been identified in src/language-css/parser-postcss.js. The regular expression used to parse custom selectors can be exploited by a specially crafted input string, leading to catastrophic backtracking and causing the application to hang. |
|---|
| Source | ⚠️ https://github.com/prettier/prettier/issues/17737 |
|---|
| User | DayShift (UID 80963) |
|---|
| Submission | 07/17/2025 08:02 (9 months ago) |
|---|
| Moderation | 07/26/2025 18:31 (9 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 317851 [prettier up to 3.6.2 parser-postcss.js parseNestedCSS node redos] |
|---|
| Points | 17 |
|---|