1 results (0.013 seconds)

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 2

The glob-parent package before 6.0.1 for Node.js allows ReDoS (regular expression denial of service) attacks against the enclosure regular expression. El paquete glob-parent anterior a 6.0.1 para Node.js permite ataques ReDoS (Denegación de Servicio (DoS) de expresión regular) contra la expresión regular del recinto. A vulnerability was found in the glob-parent package. Affected versions of this package are vulnerable to Regular expression Denial of Service (ReDoS) attacks, affecting system availability. • https://github.com/gulpjs/glob-parent/commit/3e9f04a3b4349db7e1962d87c9a7398cda51f339 https://github.com/gulpjs/glob-parent/pull/49 https://security.snyk.io/vuln/SNYK-JS-GLOBPARENT-1314294 https://access.redhat.com/security/cve/CVE-2021-35065 https://bugzilla.redhat.com/show_bug.cgi?id=2156324 • CWE-400: Uncontrolled Resource Consumption CWE-1333: Inefficient Regular Expression Complexity •