BIT-gulp-2021-35065

Import Source

https://github.com/bitnami/vulndb/tree/main/data/gulp/BIT-gulp-2021-35065.json

Aliases

CVE-2021-35065
GHSA-cj88-88mr-972w

Published

2024-03-06T10:52:58.490Z

Modified

2024-03-06T11:25:28.861Z

Summary

[none]

Details

The glob-parent package before 6.0.1 for Node.js allows ReDoS (regular expression denial of service) attacks against the enclosure regular expression.

References

https://github.com/gulpjs/glob-parent/commit/3e9f04a3b4349db7e1962d87c9a7398cda51f339
https://github.com/gulpjs/glob-parent/pull/49
https://security.snyk.io/vuln/SNYK-JS-GLOBPARENT-1314294

Affected packages

Bitnami / gulp

Package

Name: gulp

Affected ranges

Type: SEMVER
Events: Introduced

6.0.0

Fixed

6.0.1