Vulnerable Package issue exists @ Npm-glob-parent-3.1.0 in branch main
In glob-parent prior to 5.1.2 the way that the enclosure regex in index.js is defined could allow an attacker to exploit it, and cause a Denial of Service (ReDoS). This has been fixed in version 5.1.2.
Vulnerable Package issue exists @ Npm-glob-parent-3.1.0 in branch main
In glob-parent prior to 5.1.2 the way that the
enclosureregex inindex.jsis defined could allow an attacker to exploit it, and cause a Denial of Service (ReDoS). This has been fixed in version 5.1.2.Namespace: westonphillips Repository: CheckmarxOnePOV Repository Url: https://github.com/westonphillips/CheckmarxOnePOV CxAST-Project: westonphillips/CheckmarxOnePOV CxAST platform scan: 6a8170d0-38fa-4efc-81df-42628474102c Branch: main Application: CheckmarxOnePOV Severity: HIGH State: NOT_IGNORED Status: RECURRENT CWE: CWE-400
Additional Info Attack vector: NETWORK Attack complexity: LOW Confidentiality impact: NONE Availability impact: HIGH Remediation Upgrade Recommendation: 5.1.2
References Advisory Issue Pull request Commit Release Note