Candidate: CVE-2018-1109
PublicDate: 2021-03-30 02:15:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1109
 https://snyk.io/vuln/npm:braces:20180219
 https://github.com/micromatch/braces/commit/abdafb0cae1e0c00f184abbadc692f4eaa98f451
 https://www.npmjs.com/advisories/786
Description:
 A vulnerability was found in Braces versions prior to 2.3.1. Affected
 versions of this package are vulnerable to Regular Expression Denial of
 Service (ReDoS) attacks.
Ubuntu-Description:
Notes:
Bugs:
Priority: untriaged
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L [5.3 MEDIUM]

Patches_node-braces:
upstream_node-braces: released (2.3.1, 3.0.2-2)
precise/esm_node-braces: DNE
trusty_node-braces: DNE
trusty/esm_node-braces: DNE
xenial_node-braces: DNE
artful_node-braces: ignored (reached end-of-life)
bionic_node-braces: not-affected (code not present)
cosmic_node-braces: ignored (reached end-of-life)
disco_node-braces: ignored (reached end-of-life)
eoan_node-braces: not-affected (3.0.2-2)
focal_node-braces: not-affected (3.0.2-2)
devel_node-braces: not-affected (3.0.2-2)