NextGuard
UNKNOWNCVE-2022-3517

minimatch ReDoS vulnerability

Platform

nodejs

Component

minimatch

Fixed in

3.0.5

View on NVD

A vulnerability was found in the minimatch package. This flaw allows a Regular Expression Denial of Service (ReDoS) when calling the braceExpand function with specific arguments, resulting in a Denial of Service.

How to fix

No official patch available. Check for workarounds or monitor for updates.

Monitor your dependencies automatically

Get notified when new vulnerabilities affect your projects. Free forever.

Start free