CVE-2018-1109

EPSS 1.4%CWE-185

A vulnerability was found in Braces versions 2.2.0 and above, prior to 2.3.1. Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) attacks.

Affected products

n/a · nodejs-braces

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://bugzilla.redhat.com/show_bug.cgi?id=1547272 https://snyk.io/vuln/npm:braces:20180219