https://bugzilla.redhat.com/show_bug.cgi?id=2280786
Bug ID: 2280786 Summary: CVE-2024-4067 yarnpkg: micromatch: vulnerable to Regular Expression Denial of Service [fedora-all] Product: Fedora Version: 40 Status: NEW Component: yarnpkg Keywords: Security, SecurityTracking Severity: medium Priority: medium Assignee: zsvetlik@redhat.com Reporter: rkeshri@redhat.com QA Contact: extras-qa@fedoraproject.org CC: epel-packagers-sig@lists.fedoraproject.org, manisandro@gmail.com, ngompa13@gmail.com, zsvetlik@redhat.com Target Milestone: --- Classification: Fedora
More information about this security flaw is available in the following bug:
http://bugzilla.redhat.com/show_bug.cgi?id=2280601
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.