Sabberworm · Sabberworm Php Css Parser · CVE-2020-13756
**Name of the Vulnerable Software and Affected Versions**
Sabberworm PHP CSS Parser versions prior to 8.3.1
php-horde-css-parser version 1.0.8-1ubuntu1+esm1 and earlier
**Description**
The issue arises when parsing uncontrolled CSS data and could lead to remote code execution. If the functions allSelectors() or getSelectorsBySpecificity() are called with input from an attacker, code injection may result.
**Recommendations**
For Sabberworm PHP CSS Parser versions prior to 8.3.1, update to version 8.3.1 or later to fix the vulnerability.
For php-horde-css-parser version 1.0.8-1ubuntu1+esm1 and earlier, run `sudo pro fix USN-7502-1` to fix the vulnerability, and update the system to the package version `php-horde-css-parser 1.0.8-1ubuntu1+esm1`.
As a temporary workaround, consider disabling the functions allSelectors() or getSelectorsBySpecificity() until a patch is available.
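To find out whether a project is exposed, the following added example (not part of the advisory or of the parser project) checks the version pinned in `composer.lock` against 8.3.1 and lists first-party call sites of the two functions named above. It assumes the Composer package name `sabberworm/php-css-parser`, the standard `composer.lock` layout and a `vendor/` directory for dependencies; the sample inputs are constructed.

```python
import json
import re
from pathlib import Path

PACKAGE = "sabberworm/php-css-parser"  # assumption: Composer package name
FIXED = (8, 3, 1)                      # first fixed version per the advisory
CALL_RE = re.compile(r"(?:->|::)\s*(allSelectors|getSelectorsBySpecificity)\s*\(")

# Constructed sample inputs, not taken from any real project.
SAMPLE_LOCK = '{"packages": [{"name": "sabberworm/php-css-parser", "version": "8.3.0"}]}'
SAMPLE_PHP = "<?php\n$doc = $parser->parse();\n$sel = $doc->getSelectorsBySpecificity($_GET['s']);\n"

def locked_version(lock_text):
    """Return the version composer.lock pins for PACKAGE, or None if absent."""
    data = json.loads(lock_text)
    for section in ("packages", "packages-dev"):
        for pkg in data.get(section, []):
            if pkg.get("name", "").lower() == PACKAGE:
                return pkg.get("version")
    return None

def is_affected(version):
    """True if version is prior to 8.3.1; unparseable pins (dev branches) need review."""
    m = re.match(r"v?(\d+)\.(\d+)(?:\.(\d+))?", version)
    if not m:
        return True
    return tuple(int(x or 0) for x in m.groups()) < FIXED

def find_calls(php_source):
    """Return (line_number, method) for each call to the two methods named in the advisory."""
    hits = []
    for n, line in enumerate(php_source.splitlines(), 1):
        hits += [(n, m.group(1)) for m in CALL_RE.finditer(line)]
    return hits

def audit(root):
    """Check composer.lock and first-party *.php files under root (vendor/ is skipped)."""
    root = Path(root)
    lock = root / "composer.lock"
    version = locked_version(lock.read_text()) if lock.is_file() else None
    calls = {}
    for path in root.rglob("*.php"):
        if "vendor" not in path.relative_to(root).parts:
            found = find_calls(path.read_text(errors="replace"))
            if found:
                calls[str(path.relative_to(root))] = found
    return {"version": version, "affected": bool(version) and is_affected(version), "calls": calls}

if __name__ == "__main__":
    print(is_affected(locked_version(SAMPLE_LOCK)), find_calls(SAMPLE_PHP))
```

The call-site match is by method name only, so each hit still needs a manual check that the object is a parsed CSS document and that the argument can carry untrusted data.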