CVE-2016-10540

Опубликовано: 31 мая 2018

Источник: ubuntu

Приоритет: medium

CVSS2: 5

CVSS3: 7.5

Описание

Minimatch is a minimal matching utility that works by converting glob expressions into JavaScript RegExp objects. The primary function, minimatch(path, pattern) in Minimatch 3.0.1 and earlier is vulnerable to ReDoS in the pattern parameter.

Релиз	Статус	Примечание
artful	ignored	end of life
bionic	not-affected	3.0.4-3
cosmic	not-affected	3.0.4-3
devel	not-affected	3.0.4-3
disco	not-affected	3.0.4-3
eoan	not-affected	3.0.4-3
esm-apps/bionic	not-affected	3.0.4-3
esm-apps/focal	not-affected	3.0.4-3
esm-apps/jammy	not-affected	3.0.4-3
esm-apps/xenial	released	1.0.0-1ubuntu0.1~esm2

Показывать по

Ссылки на источники

5 Medium

CVSS2

7.5 High

CVSS3

Связанные уязвимости

CVE-2016-10540

CVSS3: 7.5

nvd

больше 7 лет назад

Minimatch is a minimal matching utility that works by converting glob expressions into JavaScript `RegExp` objects. The primary function, `minimatch(path, pattern)` in Minimatch 3.0.1 and earlier is vulnerable to ReDoS in the `pattern` parameter.

CVE-2016-10540

CVSS3: 7.5

debian

больше 7 лет назад

Minimatch is a minimal matching utility that works by converting glob ...

GHSA-hxm2-r34f-qmc5

CVSS3: 7.5

github

больше 7 лет назад

Regular Expression Denial of Service in minimatch

5 Medium

CVSS2

7.5 High

CVSS3

CVE-2016-10540

Описание

Пакет node-minimatch

Ссылки на источники

Связанные уязвимости