You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Affected versions of this package are vulnerable to Inefficient Regular Expression Complexity due to the use of unsafe pattern configurations that allow greedy matching through the micromatch.braces() function. An attacker can cause the application to hang or slow down by passing a malicious payload that triggers extensive backtracking in regular expression processing.
Remediation
A fix was pushed into the master branch but not yet published.
Overview
Affected versions of this package are vulnerable to Inefficient Regular Expression Complexity due to the use of unsafe pattern configurations that allow greedy matching through the
micromatch.braces()function. An attacker can cause the application to hang or slow down by passing a malicious payload that triggers extensive backtracking in regular expression processing.Remediation
A fix was pushed into the
masterbranch but not yet published.References
The text was updated successfully, but these errors were encountered: