Information on source package node-brace-expansion

Available versions

ReleaseVersion
bullseye2.0.0-1
bookworm2.0.1-2
trixie2.0.1+~1.1.0-2
forky2.0.3+~1.1.2-2
sid2.0.3+~1.1.2-2

Open issues

BugbullseyebookwormtrixieforkysidDescription
CVE-2026-33750vulnerable (no DSA, postponed)vulnerable (no DSA)vulnerable (no DSA)fixedfixedThe brace-expansion library generates arbitrary strings containing a c ...
CVE-2026-25547vulnerable (no DSA, postponed)vulnerable (no DSA)vulnerable (no DSA)fixedfixed@isaacs/brace-expansion is a hybrid CJS/ESM TypeScript fork of brace-e ...
CVE-2025-5889vulnerable (no DSA, postponed)vulnerable (no DSA)fixedfixedfixedA vulnerability was found in juliangruber brace-expansion up to 1.1.11 ...

Resolved issues

BugDescription
CVE-2017-18077index.js in brace-expansion before 1.1.7 is vulnerable to Regular Expr ...
Search for package or bug name: Reporting problems