high vulnerability issue in dependent package minimatch


Description: minimatch package versions before 3.0.5 are vulnerable to Regular Expression Denial of Service (ReDoS). It's possible to cause a denial of service when calling function braceExpand (The regex /\{.*\}/ is vulnerable and can be exploited).

Solution: Update minimatch version 3.0.4 to 3.0.5.

Vulnerability Link : https://github.com/isaacs/minimatch/commit/a8763f4388e51956be62dc6025cec1126beeb5e6

Reference: https://github.com/grafana/grafana-image-renderer/issues/329



Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

high vulnerability issue in dependent package minimatch #252

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Uh oh!

high vulnerability issue in dependent package minimatch #252

Description

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions