Gulpjs

gulpjs

3 CVEs • 2 products

Products (2)

Click to collapse

Toggle

CVEs (3)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2021-35065 1Gulpjs 1Glob Parent Apr 14, 2025 Dec 26, 2022 N/A· v4 7.5 HIGH· v3 N/A· v2 The glob-parent package before 6.0.1 for Node.js allows ReDoS (regular expression denial of service) attacks against the enclosure regular expression.
CVE-2020-28469 2Gulpjs Oracle 2Communications Cloud Native Core Policy Glob Parent Nov 21, 2024 Jun 3, 2021 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 This affects the package glob-parent before 5.1.2. The enclosure regex used to check for strings ending in enclosure containing path separator.
CVE-2020-28503 1Gulpjs 1Copy Props Nov 21, 2024 Mar 23, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 The package copy-props before 2.0.5 are vulnerable to Prototype Pollution via the main functionality.