CNNVD-202602-540 Information
Feb 04, 2026
cve
CNNVD ID
CNNVD-202602-540
Related CVE
- CNNVD Published: 2026-02-04
Description (Chinese)
brace-expansion是Julian Gruber个人开发者的一个JavaScript中的Brace扩展。 brace-expansion 5.0.1之前版本存在安全漏洞,该漏洞源于无界的括号范围扩展,可能导致正则表达式拒绝服务。
Description (English)
Brace-expansion is an extension of Brace in JavaScript by Julian Gruber’s personal developer. There was a security loophole in the pre-version of culture-expansion 5.01, which stemmed from an open-ended extension of the brackets, which could lead to a regular expression of refusal of service.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
个人开发者
Published
2026-02-04
Last Modified
2026-02-24
References
https://github.com/isaacs/brace-expansion/security/advisories/GHSA-7h2j-956f-4vf2
Patch
https://github.com/isaacs/brace-expansion
Share on: