By vendor

Juliangruber vulnerabilities

Known CVEs affecting Juliangruber products, prioritized by severity, with SEC.co remediation and detection guidance.

1 published vulnerability

  • CVE-2026-45149MEDIUM 6.5

    The brace-expansion library, a utility for generating string sequences from patterns, has a performance handling flaw in versions 5.0.0 through 5.0.5. When users expand large numeric ranges—such as {1..10000000}—the library was constructing the entire intermediate sequence in memory before applying user-defined limits. This means even if you set a maximum output of 10 items, the library would still build all 10 million elements first, consuming roughly 505 MB of memory and 800 milliseconds of processing time before discarding them. The flaw is fixed in version 5.0.6 and later.