VDB
KO
HIGH 7.5

GHSA-f8q6-p94x-37v3

minimatch ReDoS vulnerability

Details

A vulnerability was found in the minimatch package. This flaw allows a Regular Expression Denial of Service (ReDoS) when calling the braceExpand function with specific arguments, resulting in a Denial of Service.

Are you affected?

Enter the version of the package you're using.

Affected packages

npm / minimatch
Introduced in: 0 Fixed in: 3.0.5
Fix npm install minimatch@3.0.5

References