sabberworm / PHP-CSS-Parser

A Parser for CSS Files written in PHP. Allows extraction of CSS files into a data structure, manipulation of said structure and output as (optimized) CSS

Home Page:

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Please clarify state of code injection vulnerability CVE-2020-13756

hannob opened this issue · comments

I got a warning from a security scan about CVE-2020-13756 in PHP-CSS-Parser.

According to this advisory
it affects "Sabberworm PHP CSS Parser before 8.3.1", but the latest version is 8.3.0.

Is this an unfixed vulnerability?

There are fixes available for every major release, as this list from shows:


I hope this answers your question.

ezoic increase your site revenue