sabberworm / PHP-CSS-Parser

A Parser for CSS Files written in PHP. Allows extraction of CSS files into a data structure, manipulation of said structure and output as (optimized) CSS

Home Page:http://www.sabberworm.com/blog/2010/6/10/php-css-parser

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Please clarify state of code injection vulnerability CVE-2020-13756

hannob opened this issue · comments

I got a warning from a security scan about CVE-2020-13756 in PHP-CSS-Parser.

According to this advisory
https://packetstormsecurity.com/files/cve/CVE-2020-13756
it affects "Sabberworm PHP CSS Parser before 8.3.1", but the latest version is 8.3.0.

Is this an unfixed vulnerability?

There are fixes available for every major release, as this list from https://packagist.org/packages/sabberworm/php-css-parser shows:

image

I hope this answers your question.

ezoic increase your site revenue