Описание
The glob-parent package before 6.0.1 for Node.js allows ReDoS (regular expression denial of service) attacks against the enclosure regular expression.
Ссылки
- PatchThird Party Advisory
- ExploitPatchThird Party Advisory
- ExploitThird Party Advisory
- PatchThird Party Advisory
- ExploitPatchThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 6.0.0 (включая) до 6.0.1 (исключая)
cpe:2.3:a:gulpjs:glob-parent:*:*:*:*:*:node.js:*:*
EPSS
Процентиль: 57%
0.00348
Низкий
7.5 High
CVSS3
Дефекты
CWE-1333
CWE-1333
Связанные уязвимости
CVSS3: 7.5
ubuntu
больше 2 лет назад
The glob-parent package before 6.0.1 for Node.js allows ReDoS (regular expression denial of service) attacks against the enclosure regular expression.
CVSS3: 7.5
redhat
больше 2 лет назад
The glob-parent package before 6.0.1 for Node.js allows ReDoS (regular expression denial of service) attacks against the enclosure regular expression.
CVSS3: 7.5
debian
больше 2 лет назад
The glob-parent package before 6.0.1 for Node.js allows ReDoS (regular ...
CVSS3: 7.5
github
почти 3 года назад
glob-parent 6.0.0 vulnerable to Regular Expression Denial of Service
oracle-oval
около 2 лет назад
ELSA-2023-1583: nodejs:18 security, bug fix, and enhancement update (MODERATE)
EPSS
Процентиль: 57%
0.00348
Низкий
7.5 High
CVSS3
Дефекты
CWE-1333
CWE-1333