Description
Summary
@sentry/node depends on minimatch ^9.0.3, which has a known ReDoS vulnerability.
Vulnerability
- CVE: GHSA-3ppc-4f35-3m26
- Severity: High
- Issue: ReDoS via repeated wildcards with non-matching literal in pattern
- Fixed in: minimatch 10.2.1+
Request
Please upgrade minimatch dependency from ^9.0.3 to ^10.2.1 in @sentry/node.
Impact
Affects @sentry/nextjs and all packages depending on @sentry/node.
References
GHSA-3ppc-4f35-3m26
Description
Summary
@sentry/nodedepends onminimatch^9.0.3, which has a known ReDoS vulnerability.Vulnerability
Request
Please upgrade
minimatchdependency from ^9.0.3 to ^10.2.1 in@sentry/node.Impact
Affects
@sentry/nextjsand all packages depending on@sentry/node.References
GHSA-3ppc-4f35-3m26