Known CVE vulnerabilities and GitHub Security Advisories affecting the npm package braces, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (2)
CVE-2024-4068 — CVSS 7.5 (high): The NPM package `braces`, versions prior to 3.0.3, fails to limit the number of characters it can handle, which could lead to Memory…
CVE-2018-1109 — CVSS 5.3 (medium): A vulnerability was found in Braces versions 2.2.0 and above, prior to 2.3.1. Affected versions of this package are vulnerable to Regular…