What the vulnerability does

01Description

A vulnerability was found in the minimatch package. This flaw allows a Regular Expression Denial of Service (ReDoS) when calling the braceExpand function with specific arguments, resulting in a Denial of Service.

Key dates

02Disclosure timeline

October 17, 2022 CVE published
May 13, 2025 Record updated