The glob-parent package before 6.0.1 for Node.js allows ReDoS (regular expression denial of service) attacks against the enclosure regular expression.
{ "cpes": [ "cpe:2.3:a:gulpjs:glob-parent:*:*:*:*:*:node.js:*:*" ], "severity": "High" }