This affects the package glob-parent before 5.1.2. The enclosure regex used to check for strings ending in enclosure containing path separator.
7.5CVSS
8.3AI Score
0.012EPSS
The glob-parent package before 6.0.1 for Node.js allows ReDoS (regular expression denial of service) attacks against the enclosure regular expression.
7.5CVSS
7.4AI Score
0.001EPSS