cvedb.io
CVE-2022-3517
HIGH · CVSS 7.5
EPSS exploitation probability: 0%
Published 2022-10-17T20:15:09.937 · Last modified 2026-06-17T04:59:40.550

Summary

A vulnerability was found in the minimatch package. This flaw allows a Regular Expression Denial of Service (ReDoS) when calling the braceExpand function with specific arguments, resulting in a Denial of Service.

Affected products

minimatch_project — minimatch

Does this affect you?

Add your gear to cvedb and we'll alert you only when minimatch_project ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.