Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/node-glob-parent@5.1.1%2B~5.1.0-2?distro=trixie
purl pkg:deb/debian/node-glob-parent@5.1.1%2B~5.1.0-2?distro=trixie
Next non-vulnerable version 6.0.2+~5.1.1-1
Latest non-vulnerable version 6.0.2+~5.1.3-1
Risk 4.0
Vulnerabilities affecting this package (1)
Vulnerability Summary Fixed by
VCID-y9aa-2a31-ufa7
Aliases:
CVE-2021-35065
GHSA-cj88-88mr-972w
GMS-2022-3113
glob-parent 6.0.0 vulnerable to Regular Expression Denial of Service glob-parent 6.0.0 is vulnerable to Regular Expression Denial of Service (ReDoS). This issue is fixed in version 6.0.1. This vulnerability is separate from [GHSA-ww39-953v-wcq6](https://github.com/advisories/GHSA-ww39-953v-wcq6).
6.0.2+~5.1.1-1
Affected by 0 other vulnerabilities.
6.0.2+~5.1.1-2
Affected by 0 other vulnerabilities.
6.0.2+~5.1.3-1
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (1)
Vulnerability Summary Aliases
VCID-4f1w-xpyy-2fcf glob-parent vulnerable to Regular Expression Denial of Service in enclosure regex This affects the package glob-parent before 5.1.2. The enclosure regex used to check for strings ending in enclosure containing path separator. CVE-2020-28469
GHSA-ww39-953v-wcq6

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T10:01:02.468076+00:00 Debian Importer Fixing VCID-4f1w-xpyy-2fcf https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-13T06:43:00.763088+00:00 Debian Importer Fixing VCID-4f1w-xpyy-2fcf https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-03T07:47:08.713584+00:00 Debian Importer Affected by VCID-y9aa-2a31-ufa7 https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:47:08.692137+00:00 Debian Importer Fixing VCID-4f1w-xpyy-2fcf https://security-tracker.debian.org/tracker/data/json 38.1.0