Vulnerabilities (CVE)

Filtered by vendor Gulpjs Subscribe

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2020-28469	1 Gulpjs	1 Glob-parent	2022-02-07	5.0 MEDIUM	7.5 HIGH
This affects the package glob-parent before 5.1.2. The enclosure regex used to check for strings ending in enclosure containing path separator.
CVE-2020-28503	1 Gulpjs	1 Copy-props	2021-03-26	7.5 HIGH	9.8 CRITICAL
The package copy-props before 2.0.5 are vulnerable to Prototype Pollution via the main functionality.