Regular Expression Denial Of Service (ReDoS)
minimatch is vulnerable to Regular Expression Denial of Service ReDoS. The vulnerability is due to nested extglob patterns generating regex with unbounded quantifiers, which allows an attacker to trigger catastrophic backtracking via crafted patterns and inputs, leading to significant performance...