MidnightBSD

Advisories for brace_expansion_project

CVE-2017-18077 MEDIUM

index.js in brace-expansion before 1.1.7 is vulnerable to Regular Expression Denial of Service (ReDoS) attacks, as demonstrated by an expand argument containing many comma characters.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
brace_expansion_project brace_expansion *