VYPR

CSS Parser

by Premailer

Source repositories

CVEs (1)

  • CVE-2026-44312MedMay 14, 2026
    risk 0.31cvss 5.8epss 0.00

    css_parser is a Ruby CSS parser. Prior to 2.1.0 and 1.22.0, the CSS Parser gem does not validate HTTPS connections, allowing a Man-in-the-Middle (MITM) attacker to inject or modify CSS content when stylesheets are loaded via HTTPS. The connection is established with…