Paul Bastide

**Name of the Vulnerable Software and Affected Versions** scss-tokenizer versions prior to 0.4.3 **Description** The issue is related to a Regular Expression Denial of Service (ReDoS) in the scss-tokenizer package. This occurs via the `loadAnnotation()` function due to the usage of insecure regex. **Recommendations** For versions prior to 0.4.3, update to version 0.4.3 or later to resolve the issue. As a temporary workaround, consider disabling the `loadAnnotation()` function until a patch is available.