minimatch ReDoS vulnerability #62

Closed
opened 2023-05-02 17:57:28 +01:00 by Vylpes · 0 comments
Owner

Package: minimatch (npm)
Affected Versions: < 3.0.5
Patched Version: 3.0.5


A vulnerability was found in the minimatch package. This flaw allows a Regular Expression Denial of Service (ReDoS) when calling the braceExpand function with specific arguments, resulting in a Denial of Service.

Package: `minimatch` (npm) Affected Versions: < 3.0.5 Patched Version: 3.0.5 --- A vulnerability was found in the minimatch package. This flaw allows a Regular Expression Denial of Service (ReDoS) when calling the braceExpand function with specific arguments, resulting in a Denial of Service.
Vylpes added the
type
dependencies
label 2023-05-02 17:57:34 +01:00
Vylpes added this to the 2.1.1 milestone 2023-05-02 17:58:09 +01:00
Vylpes added the
wontfix
label 2023-05-02 18:00:37 +01:00
Sign in to join this conversation.
No milestone
No project
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: RabbitLabs/random-bunny#62
No description provided.