Gulpjs: Security Vulnerabilities
The glob-parent package before 6.0.1 for Node.js allows ReDoS (regular expression denial of service) attacks against the enclosure regular expression.
CVSS Score
7.5
EPSS Score
0.005
Published
2022-12-26
This affects the package glob-parent before 5.1.2. The enclosure regex used to check for strings ending in enclosure containing path separator.
CVSS Score
5.3
EPSS Score
0.009
Published
2021-06-03
The package copy-props before 2.0.5 are vulnerable to Prototype Pollution via the main functionality.
CVSS Score
7.3
EPSS Score
0.006
Published
2021-03-23