CVE-2024-4067MEDIUMCVSS 5.3fixed in node-micromatch 4.0.7+~4.0.7-1 (forky)2024
CVE-2024-4067 [MEDIUM] CVE-2024-4067: node-micromatch - The NPM package `micromatch` prior to 4.0.8 is vulnerable to Regular Expression ...
The NPM package `micromatch` prior to 4.0.8 is vulnerable to Regular Expression Denial of Service (ReDoS). The vulnerability occurs in `micromatch.braces()` in `index.js` because the pattern `.*` will greedily match anything. By passing a malicious payload, the pattern matching will keep backtracking to the input while it doesn't find the closing bracket. As
debian