High severity vulnerability that affects minimatch

2018-10-09T00:40:41
ID GHSA-HXM2-R34F-QMC5
Type github
Reporter GitHub Advisory Database
Modified 2019-07-03T21:02:03

Description

Minimatch is a minimal matching utility that works by converting glob expressions into JavaScript RegExp objects. The primary function, minimatch(path, pattern) in Minimatch 3.0.1 and earlier is vulnerable to ReDoS in the pattern parameter.