gulpjs/glob-parent

gulpjs/glob-parent

Releases16
Frequency2 weeks 2 days
Last Release
Stars83
Extract the non-magic parent path from a glob string.

CVE History

CVEAffectedPublishedCVSS v3CVSS v2
= *, >= 6.0.0, < 6.0.17.5 HIGH

The glob-parent package before 6.0.1 for Node.js allows ReDoS (regular expression denial of service) attacks against the enclosure regular expression.

< 5.1.25.3 MEDIUM5 MEDIUM

This affects the package glob-parent before 5.1.2. The enclosure regex used to check for strings ending in enclosure containing path separator.