npm package
glob-parent
pkg:npm/glob-parent
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-35065 | — | >= 6.0.0, < 6.0.1 | 6.0.1 | Dec 26, 2022 | The glob-parent package before 6.0.1 for Node.js allows ReDoS (regular expression denial of service) attacks against the enclosure regular expression. | ||
| CVE-2020-28469 | — | >= 4.0.0, < 5.1.2 | 5.1.2 | Jun 3, 2021 | This affects the package glob-parent before 5.1.2. The enclosure regex used to check for strings ending in enclosure containing path separator. |
- CVE-2021-35065Dec 26, 2022affected >= 6.0.0, < 6.0.1fixed 6.0.1
The glob-parent package before 6.0.1 for Node.js allows ReDoS (regular expression denial of service) attacks against the enclosure regular expression.
- CVE-2020-28469Jun 3, 2021affected >= 4.0.0, < 5.1.2fixed 5.1.2
This affects the package glob-parent before 5.1.2. The enclosure regex used to check for strings ending in enclosure containing path separator.