VulnerableCode Package Details - pkg:deb/debian/node-minimatch@3.0.4-3

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:deb/debian/node-minimatch@3.0.4-3

Essentials
History (3)

purl	pkg:deb/debian/node-minimatch@3.0.4-3

Next non-vulnerable version	9.0.7-1
Latest non-vulnerable version	9.0.7-1
Risk	4.0

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-v72h-ew1u-xfcz Aliases: CVE-2022-3517 GHSA-f8q6-p94x-37v3	minimatch ReDoS vulnerability A vulnerability was found in the minimatch package. This flaw allows a Regular Expression Denial of Service (ReDoS) when calling the braceExpand function with specific arguments, resulting in a Denial of Service.	3.0.4+~3.0.3-1+deb11u2 Affected by 3 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-15T23:52:50.293712+00:00	Debian Oval Importer	Affected by	VCID-v72h-ew1u-xfcz	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-11T23:27:11.881601+00:00	Debian Oval Importer	Affected by	VCID-v72h-ew1u-xfcz	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-08T23:00:13.766407+00:00	Debian Oval Importer	Affected by	VCID-v72h-ew1u-xfcz	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0