01642 06 11 11 Arrange Call

Regular Expression Denial of Service (ReDoS) Vulnerability in Minimatch 3.0.1 and Earlier

CVE-2016-10540 · MEDIUM

CVE-2016-10540

Minimatch is a minimal matching utility that works by converting glob expressions into JavaScript `RegExp` objects. The primary function, `minimatch(path, pattern)` in Minimatch 3.0.1 and earlier is vulnerable to ReDoS in the `pattern` parameter.

Learn more about our Web Application Penetration Testing UK.