Huunghia98

**Name of the Vulnerable Software and Affected Versions** lettersanitizer versions prior to 1.0.2 **Description** The issue is a denial of service problem that occurs when processing a CSS at-rule `@keyframes`. This package is depended on by react-letter, therefore everyone using react-letter is also at risk. **Recommendations** For versions prior to 1.0.2, update to version 1.0.2 to resolve the issue. As a temporary workaround, consider avoiding the use of the `@keyframes` CSS at-rule until the update is applied.