GMS-2019-5: Regular Expression Denial of Service

February 15, 2019

Untrusted input may cause catastrophic backtracking while matching regular expressions. This can cause the application to be unresponsive leading to Denial of Service.

References

github.com/micromatch/braces/commit/abdafb0cae1e0c00f184abbadc692f4eaa98f451
www.npmjs.com/advisories/786

Detect and mitigate GMS-2019-5 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →