-
### Which packages are impacted by your issue?
_No response_
### Describe the bug
The NPM package micromatch is vulnerable to Regular Expression Denial of Service (ReDoS). The vulnerability occurs …
-
```
# npm audit report
micromatch
-
### Issue description
There is a vulnerability detected (serverless@3.38.0) by Snyk regarding [micromatch](https://security.snyk.io/vuln/SNYK-JS-MICROMATCH-6838728)
### Context
serverless@3.38.0 >…
-
See Regular Expression Denial of Service (ReDoS) in micromatch #31 for additional details
-
https://github.com/micromatch/micromatch/actions/runs/10516356608
-
## CVE-2024-4067 - Medium Severity Vulnerability
Vulnerable Libraries - micromatch-4.0.4.tgz, micromatch-3.1.10.tgz
micromatch-4.0.4.tgz
Glob matching for javascript/node.js. A replacement and fas…
-
## CVE-2024-4067 - Medium Severity Vulnerability
Vulnerable Libraries - micromatch-3.1.10.tgz, micromatch-4.0.2.tgz, micromatch-4.0.4.tgz, micromatch-2.3.11.tgz
micromatch-3.1.10.tgz
Glob matching…
-
Vulnerable Library - tailwindcss-3.4.10.tgz
Path to dependency file: /package.json
Path to vulnerable library: /node_modules/micromatch/package.json
Found in HEAD commit: 93446f4e60f2eb5f868b89e…
-
Hey!
Great job with changing `picomatch` for `minimatch`, now I can finally exclude paths as expected :-)
Unfortunately I've run into issue, when using modifiers (`added`, `modified`, `deleted`)…
-
**Describe the bug**
I'm attempting to only process textures in a glb that don't match `*comp2` however since there is no texture URI (as its a glb and the textures are embedded) I have to also make …