Micromatch
1 CVEs
product
Monthly
The NPM package `micromatch` prior to 4.0.8 is vulnerable to Regular Expression Denial of Service (ReDoS). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
Node.js
Denial Of Service
Micromatch
NVD
GitHub
CVSS 3.1
5.3
EPSS
1.4%
CVE-2024-4067
npm
EPSS 1%
CVSS 5.3
MEDIUM
POC
PATCH
This Month
The NPM package `micromatch` prior to 4.0.8 is vulnerable to Regular Expression Denial of Service (ReDoS). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
Node.js
Denial Of Service
Micromatch
NVD
GitHub