VYPR
Vendor

Juliangruber

Products
2
CVEs
4
Across products
4
Status
Private

Products

2

Recent CVEs

4
  • CVE-2021-41117HigOct 11, 2021
    risk 0.50cvss 8.7epss 0.03

    keypair is a a RSA PEM key generator written in javascript. keypair implements a lot of cryptographic primitives on its own or by borrowing from other libraries where possible, including node-forge. An issue was discovered where this library was generating identical RSA keys…

  • CVE-2026-45149MedMay 29, 2026
    risk 0.35cvss 6.5epss 0.00

    The brace-expansion library generates arbitrary strings containing a common prefix and suffix. From 5.0.0 to before 5.0.6, the max option was being applied too late. When expanding a single large numeric range like {1..10000000}, the sequence generation loop generates all 10…

  • CVE-2026-33750MedMar 27, 2026
    risk 0.35cvss 6.5epss 0.00

    The brace-expansion library generates arbitrary strings containing a common prefix and suffix. Prior to versions 5.0.5, 3.0.2, 2.0.3, and 1.1.13, a brace pattern with a zero step value (e.g., `{1..2..0}`) causes the sequence generation loop to run indefinitely, making the…

  • CVE-2025-5889LowJun 9, 2025
    risk 0.13cvss 3.1epss 0.00

    A vulnerability was found in juliangruber brace-expansion up to 1.1.11/2.0.1/3.0.0/4.0.0. It has been rated as problematic. Affected by this issue is the function expand of the file index.js. The manipulation leads to inefficient regular expression complexity. The attack may be…