CVE-2021-35065

Source

https://nvd.nist.gov/vuln/detail/CVE-2021-35065

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-35065.json

Aliases

BIT-gulp-2021-35065
GHSA-cj88-88mr-972w

Related

ALSA-2023:1582
ALSA-2023:1583
ALSA-2023:1743
ALSA-2023:2654
RLSA-2023:1582
RLSA-2023:1583
RLSA-2023:1743

Published

2022-12-26T07:15:11Z

Modified

2023-12-06T01:01:17.963266Z

Details

The glob-parent package before 6.0.1 for Node.js allows ReDoS (regular expression denial of service) attacks against the enclosure regular expression.

References

https://github.com/gulpjs/glob-parent/pull/49
https://security.snyk.io/vuln/SNYK-JS-GLOBPARENT-1314294
https://github.com/gulpjs/glob-parent/commit/3e9f04a3b4349db7e1962d87c9a7398cda51f339

Affected packages

Git / github.com/gulpjs/glob-parent

Affected ranges

Type: GIT
Repo: https://github.com/gulpjs/glob-parent
Events: Fixed

3e9f04a3b4349db7e1962d87c9a7398cda51f339

Introduced

6fd137b452b15d5c3a22f7300b8180799ac78ee4

Affected versions

v6.*

v6.0.0