2 matches found
CVE-2020-28469
CVE-2020-28469 affects the glob-parent package prior to v5.1.2. The flaw arises from the enclosure-regex used to validate strings ending in an enclosure that contains a path separator. The described effect is a Regular Expression Denial of Service (ReDoS) scenario. Affected software/component: gl...
CVE-2021-35065
CVE-2021-35065 : The glob-parent package for Node.js is vulnerable to a Regular Expression Denial of Service (ReDoS) in the enclosure regex, affecting versions before 6.0.1. This can cause an impact to availability under network access with low attacker effort. A remediation is to upgrade glob-pa...