Code editor
No response
Platform
No response
Version
No response
What steps will reproduce the bug?
No response
How often does it reproduce? Is there a required condition?
No response
What is the expected behavior?
No response
What do you see instead?
Run npm audit:
npm audit report
minimatch 10.0.0 - 10.2.2
Severity: high
minimatch has a ReDoS via repeated wildcards with non-matching literal in pattern - GHSA-3ppc-4f35-3m26
minimatch has ReDoS: matchOne() combinatorial backtracking via multiple non-adjacent GLOBSTAR segments - GHSA-7r86-cg39-jmmj
minimatch ReDoS: nested *() extglobs generate catastrophically backtracking regular expressions - GHSA-23c5-xmqv-rm74
fix available via npm audit fix --force
Will install bash-language-server@5.4.3, which is a breaking change
node_modules/bash-language-server/node_modules/minimatch
editorconfig 2.0.1 - 3.0.1
Depends on vulnerable versions of minimatch
node_modules/bash-language-server/node_modules/editorconfig
bash-language-server >=5.5.0
Depends on vulnerable versions of editorconfig
node_modules/bash-language-server
3 high severity vulnerabilities
Additional information
No response
Code editor
No response
Platform
No response
Version
No response
What steps will reproduce the bug?
No response
How often does it reproduce? Is there a required condition?
No response
What is the expected behavior?
No response
What do you see instead?
Run npm audit:
npm audit report
minimatch 10.0.0 - 10.2.2
Severity: high
minimatch has a ReDoS via repeated wildcards with non-matching literal in pattern - GHSA-3ppc-4f35-3m26
minimatch has ReDoS: matchOne() combinatorial backtracking via multiple non-adjacent GLOBSTAR segments - GHSA-7r86-cg39-jmmj
minimatch ReDoS: nested *() extglobs generate catastrophically backtracking regular expressions - GHSA-23c5-xmqv-rm74
fix available via
npm audit fix --forceWill install bash-language-server@5.4.3, which is a breaking change
node_modules/bash-language-server/node_modules/minimatch
editorconfig 2.0.1 - 3.0.1
Depends on vulnerable versions of minimatch
node_modules/bash-language-server/node_modules/editorconfig
bash-language-server >=5.5.0
Depends on vulnerable versions of editorconfig
node_modules/bash-language-server
3 high severity vulnerabilities
Additional information
No response