VulnerableCode Package Details - pkg:deb/debian/node-minimatch@1.0.0-1

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:deb/debian/node-minimatch@1.0.0-1

Essentials
History (6)

purl	pkg:deb/debian/node-minimatch@1.0.0-1

Next non-vulnerable version	9.0.7-1
Latest non-vulnerable version	9.0.7-1
Risk	4.0

Vulnerabilities affecting this package (2)

Vulnerability	Summary	Fixed by
VCID-u4v3-87qk-tqb1 Aliases: CVE-2016-10540 GHSA-hxm2-r34f-qmc5	Improper Input Validation The primary function, `minimatch(path, pattern)` in Minimatch is vulnerable to ReDoS in the `pattern` parameter.	3.0.3-1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-v72h-ew1u-xfcz Aliases: CVE-2022-3517 GHSA-f8q6-p94x-37v3	minimatch ReDoS vulnerability A vulnerability was found in the minimatch package. This flaw allows a Regular Expression Denial of Service (ReDoS) when calling the braceExpand function with specific arguments, resulting in a Denial of Service.	3.0.4+~3.0.3-1+deb11u2 Affected by 3 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-15T23:52:50.286288+00:00	Debian Oval Importer	Affected by	VCID-v72h-ew1u-xfcz	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T17:45:05.844788+00:00	Debian Oval Importer	Affected by	VCID-u4v3-87qk-tqb1	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-11T23:27:11.874358+00:00	Debian Oval Importer	Affected by	VCID-v72h-ew1u-xfcz	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T17:31:07.395381+00:00	Debian Oval Importer	Affected by	VCID-u4v3-87qk-tqb1	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-08T23:00:13.756636+00:00	Debian Oval Importer	Affected by	VCID-v72h-ew1u-xfcz	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T17:19:01.845072+00:00	Debian Oval Importer	Affected by	VCID-u4v3-87qk-tqb1	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0