{"vulnerability": "cve-2022-31103", "sightings": [{"uuid": "d3a77559-da29-42e9-a15c-92a13f854bbf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-31103", "type": "seen", "source": "https://t.me/cibsecurity/45257", "content": "\u203c CVE-2022-31103 \u203c\n\nlettersanitizer is a DOM-based HTML email sanitizer for in-browser email rendering. All versions of lettersanitizer below 1.0.2 are affected by a denial of service issue when processing a CSS at-rule `@keyframes`. This package is depended on by [react-letter](https://github.com/mat-sz/react-letter), therefore everyone using react-letter is also at risk. The problem has been patched in version 1.0.2.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-28T02:35:11.000000Z"}]}