Aggregates CVE and security vulnerability intelligence across all gulpjs-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Common weakness patterns include vendor risk denial of service, with potential vendor impact application crash across vendor surface software deployment and vendor surface production workloads use cases.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2021-35065 | The glob-parent package before 6.0.1 for Node.js allows ReDoS (regular expression denial of service) attacks against the enclosure regular expression. | [email protected] | 7.5 | 0.44% | 2022-12-26 | 2025-04-14 |
| CVE-2020-28469 | This affects the package glob-parent before 5.1.2. The enclosure regex used to check for strings ending in enclosure containing path separator. | [email protected] | 5.3 | 0.99% | 2021-06-03 | 2024-11-21 |
| CVE-2020-28503 | The package copy-props before 2.0.5 are vulnerable to Prototype Pollution via the main functionality. | [email protected] | 7.3 | 0.58% | 2021-03-23 | 2024-11-21 |