Regular Expression Denial of Service vulnerability detected

micromatch / braces

Faster brace expansion for node.js. Besides being faster, braces is not subject to DoS attacks like minimatch, is more accurate, and has more complete support for Bash 4.3.

https://github.com/jonschlinkert

MIT License

207 stars 47 forks source link

Regular Expression Denial of Service vulnerability detected #20

Closed cgds188 closed 5 years ago

cgds188 commented 5 years ago

Below vulnerability is detected via npm version 6.4.1 Regular Expression Denial of Service (as low severity)

Manual Review Some vulnerabilities require your attention to resolve Visit https://go.npm.me/audit-guide for additional guidance

Low Regular Expression Denial of Service

Package braces

Patched in >=2.3.1

jonschlinkert commented 5 years ago

This was fixed a long time ago.