CVE-2021-35065

CVSS V2 None CVSS V3 None

Description

The glob-parent package before 6.0.1 for Node.js allows ReDoS (regular expression denial of service) attacks against the enclosure regular expression.

Overview

CVE ID
CVE-2021-35065

Assigner
cve@mitre.org

Vulnerability Status
Analyzed

Published Version
2022-12-26T07:15:11

Last Modified Date
2023-01-23T18:32:24

Weakness Enumerations

CWE	URL
CWE-1333	http://cwe.mitre.org/data/definitions/1333.html

CPE Configuration (Product)

CPE	Vulnerable	Operator	Version Start	Version End
cpe:2.3:a:gulpjs:glob-parent::::::node.js::*	1	OR		6.0.1

References

Reference URL	Reference Tags
https://github.com/gulpjs/glob-parent/commit/3e9f04a3b4349db7e1962d87c9a7398cda51f339
https://github.com/gulpjs/glob-parent/pull/49
https://security.snyk.io/vuln/SNYK-JS-GLOBPARENT-1314294

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2021-35065
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35065

History

Created	Old Value	New Value	Data Type	Notes
2022-12-26 07:16:16				Added to TrackCVE
2022-12-27 14:15:55		2022-12-27T13:48:11	CVE Modified Date	updated
2022-12-27 14:15:55	Received	Awaiting Analysis	Vulnerability Status	updated
2023-01-03 11:14:33	Awaiting Analysis	Undergoing Analysis	Vulnerability Status	updated
2023-01-05 03:15:32		2023-01-05T03:06:31	CVE Modified Date	updated
2023-01-05 03:15:32	Undergoing Analysis	Analyzed	Vulnerability Status	updated
2023-01-05 03:15:32			Weakness Enumeration	new
2023-01-05 03:15:33			CPE Information	updated
2023-01-23 19:13:50		2023-01-23T18:32:24	CVE Modified Date	updated