{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-33750", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-03-23T18:30:14.124Z", "datePublished": "2026-03-27T14:04:52.297Z", "dateUpdated": "2026-03-27T14:48:06.779Z"}, "containers": {"cna": {"title": "brace-expansion: Zero-step sequence causes process hang and memory exhaustion", "problemTypes": [{"descriptions": [{"cweId": "CWE-400", "lang": "en", "description": "CWE-400: Uncontrolled Resource Consumption", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1"}}], "references": [{"name": "https://github.com/juliangruber/brace-expansion/security/advisories/GHSA-f886-m6hf-6m8v", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/juliangruber/brace-expansion/security/advisories/GHSA-f886-m6hf-6m8v"}, {"name": "https://github.com/juliangruber/brace-expansion/issues/98", "tags": ["x_refsource_MISC"], "url": "https://github.com/juliangruber/brace-expansion/issues/98"}, {"name": "https://github.com/juliangruber/brace-expansion/pull/95", "tags": ["x_refsource_MISC"], "url": "https://github.com/juliangruber/brace-expansion/pull/95"}, {"name": "https://github.com/juliangruber/brace-expansion/pull/96", "tags": ["x_refsource_MISC"], "url": "https://github.com/juliangruber/brace-expansion/pull/96"}, {"name": "https://github.com/juliangruber/brace-expansion/pull/97", "tags": ["x_refsource_MISC"], "url": "https://github.com/juliangruber/brace-expansion/pull/97"}, {"name": "https://github.com/juliangruber/brace-expansion/commit/311ac0d54994158c0a384e286a7d6cbb17ee8ed5", "tags": ["x_refsource_MISC"], "url": "https://github.com/juliangruber/brace-expansion/commit/311ac0d54994158c0a384e286a7d6cbb17ee8ed5"}, {"name": "https://github.com/juliangruber/brace-expansion/commit/7fd684f89fdde3549563d0a6522226a9189472a2", "tags": ["x_refsource_MISC"], "url": "https://github.com/juliangruber/brace-expansion/commit/7fd684f89fdde3549563d0a6522226a9189472a2"}, {"name": "https://github.com/juliangruber/brace-expansion/commit/b9cacd9e55e7a1fa588fe4b7bb1159d52f1d902a", "tags": ["x_refsource_MISC"], "url": "https://github.com/juliangruber/brace-expansion/commit/b9cacd9e55e7a1fa588fe4b7bb1159d52f1d902a"}, {"name": "https://github.com/juliangruber/brace-expansion/blob/daa71bcb4a30a2df9bcb7f7b8daaf2ab30e5794a/src/index.ts#L107-L113", "tags": ["x_refsource_MISC"], "url": "https://github.com/juliangruber/brace-expansion/blob/daa71bcb4a30a2df9bcb7f7b8daaf2ab30e5794a/src/index.ts#L107-L113"}, {"name": "https://github.com/juliangruber/brace-expansion/blob/daa71bcb4a30a2df9bcb7f7b8daaf2ab30e5794a/src/index.ts#L184", "tags": ["x_refsource_MISC"], "url": "https://github.com/juliangruber/brace-expansion/blob/daa71bcb4a30a2df9bcb7f7b8daaf2ab30e5794a/src/index.ts#L184"}], "affected": [{"vendor": "juliangruber", "product": "brace-expansion", "versions": [{"version": ">= 4.0.0, < 5.0.5", "status": "affected"}, {"version": ">= 3.0.0, < 3.0.2", "status": "affected"}, {"version": ">= 2.0.0, < 2.0.3", "status": "affected"}, {"version": "< 1.1.13", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-03-27T14:04:52.297Z"}, "descriptions": [{"lang": "en", "value": "The brace-expansion library generates arbitrary strings containing a common prefix and suffix. Prior to versions 5.0.5, 3.0.2, 2.0.3, and 1.1.13, a brace pattern with a zero step value (e.g., `{1..2..0}`) causes the sequence generation loop to run indefinitely, making the process hang for seconds and allocate heaps of memory. Versions 5.0.5, 3.0.2, 2.0.3, and 1.1.13 fix the issue. As a workaround, sanitize strings passed to `expand()` to ensure a step value of `0` is not used."}], "source": {"advisory": "GHSA-f886-m6hf-6m8v", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-27T14:47:58.490818Z", "id": "CVE-2026-33750", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-27T14:48:06.779Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-33750", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-27T14:47:58.490818Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-27T14:48:01.499Z"}}], "cna": {"title": "brace-expansion: Zero-step sequence causes process hang and memory exhaustion", "source": {"advisory": "GHSA-f886-m6hf-6m8v", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "juliangruber", "product": "brace-expansion", "versions": [{"status": "affected", "version": ">= 4.0.0, < 5.0.5"}, {"status": "affected", "version": ">= 3.0.0, < 3.0.2"}, {"status": "affected", "version": ">= 2.0.0, < 2.0.3"}, {"status": "affected", "version": "< 1.1.13"}]}], "references": [{"url": "https://github.com/juliangruber/brace-expansion/security/advisories/GHSA-f886-m6hf-6m8v", "name": "https://github.com/juliangruber/brace-expansion/security/advisories/GHSA-f886-m6hf-6m8v", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/juliangruber/brace-expansion/issues/98", "name": "https://github.com/juliangruber/brace-expansion/issues/98", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/juliangruber/brace-expansion/pull/95", "name": "https://github.com/juliangruber/brace-expansion/pull/95", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/juliangruber/brace-expansion/pull/96", "name": "https://github.com/juliangruber/brace-expansion/pull/96", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/juliangruber/brace-expansion/pull/97", "name": "https://github.com/juliangruber/brace-expansion/pull/97", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/juliangruber/brace-expansion/commit/311ac0d54994158c0a384e286a7d6cbb17ee8ed5", "name": "https://github.com/juliangruber/brace-expansion/commit/311ac0d54994158c0a384e286a7d6cbb17ee8ed5", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/juliangruber/brace-expansion/commit/7fd684f89fdde3549563d0a6522226a9189472a2", "name": "https://github.com/juliangruber/brace-expansion/commit/7fd684f89fdde3549563d0a6522226a9189472a2", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/juliangruber/brace-expansion/commit/b9cacd9e55e7a1fa588fe4b7bb1159d52f1d902a", "name": "https://github.com/juliangruber/brace-expansion/commit/b9cacd9e55e7a1fa588fe4b7bb1159d52f1d902a", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/juliangruber/brace-expansion/blob/daa71bcb4a30a2df9bcb7f7b8daaf2ab30e5794a/src/index.ts#L107-L113", "name": "https://github.com/juliangruber/brace-expansion/blob/daa71bcb4a30a2df9bcb7f7b8daaf2ab30e5794a/src/index.ts#L107-L113", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/juliangruber/brace-expansion/blob/daa71bcb4a30a2df9bcb7f7b8daaf2ab30e5794a/src/index.ts#L184", "name": "https://github.com/juliangruber/brace-expansion/blob/daa71bcb4a30a2df9bcb7f7b8daaf2ab30e5794a/src/index.ts#L184", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "The brace-expansion library generates arbitrary strings containing a common prefix and suffix. Prior to versions 5.0.5, 3.0.2, 2.0.3, and 1.1.13, a brace pattern with a zero step value (e.g., `{1..2..0}`) causes the sequence generation loop to run indefinitely, making the process hang for seconds and allocate heaps of memory. Versions 5.0.5, 3.0.2, 2.0.3, and 1.1.13 fix the issue. As a workaround, sanitize strings passed to `expand()` to ensure a step value of `0` is not used."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-400", "description": "CWE-400: Uncontrolled Resource Consumption"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-03-27T14:04:52.297Z"}}}, "cveMetadata": {"cveId": "CVE-2026-33750", "state": "PUBLISHED", "dateUpdated": "2026-03-27T14:48:06.779Z", "dateReserved": "2026-03-23T18:30:14.124Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2026-03-27T14:04:52.297Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The brace-expansion library generates arbitrary strings containing a common prefix and suffix. Prior to versions 5.0.5, 3.0.2, 2.0.3, and 1.1.13, a brace pattern with a zero step value (e.g., `{1..2..0}`) causes the sequence generation loop to run indefinitely, making the process hang for seconds and allocate heaps of memory. Versions 5.0.5, 3.0.2, 2.0.3, and 1.1.13 fix the issue. As a workaround, sanitize strings passed to `expand()` to ensure a step value of `0` is not used."}], "id": "CVE-2026-33750", "lastModified": "2026-03-30T13:26:29.793", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2026-03-27T15:16:57.297", "references": [{"source": "security-advisories@github.com", "url": "https://github.com/juliangruber/brace-expansion/blob/daa71bcb4a30a2df9bcb7f7b8daaf2ab30e5794a/src/index.ts#L107-L113"}, {"source": "security-advisories@github.com", "url": "https://github.com/juliangruber/brace-expansion/blob/daa71bcb4a30a2df9bcb7f7b8daaf2ab30e5794a/src/index.ts#L184"}, {"source": "security-advisories@github.com", "url": "https://github.com/juliangruber/brace-expansion/commit/311ac0d54994158c0a384e286a7d6cbb17ee8ed5"}, {"source": "security-advisories@github.com", "url": "https://github.com/juliangruber/brace-expansion/commit/7fd684f89fdde3549563d0a6522226a9189472a2"}, {"source": "security-advisories@github.com", "url": "https://github.com/juliangruber/brace-expansion/commit/b9cacd9e55e7a1fa588fe4b7bb1159d52f1d902a"}, {"source": "security-advisories@github.com", "url": "https://github.com/juliangruber/brace-expansion/issues/98"}, {"source": "security-advisories@github.com", "url": "https://github.com/juliangruber/brace-expansion/pull/95"}, {"source": "security-advisories@github.com", "url": "https://github.com/juliangruber/brace-expansion/pull/96"}, {"source": "security-advisories@github.com", "url": "https://github.com/juliangruber/brace-expansion/pull/97"}, {"source": "security-advisories@github.com", "url": "https://github.com/juliangruber/brace-expansion/security/advisories/GHSA-f886-m6hf-6m8v"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-400"}], "source": "security-advisories@github.com", "type": "Primary"}]}

{"bugzilla": {"description": "brace-expansion: brace-expansion: Denial of Service via zero step value in brace pattern", "id": "2452285", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452285"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.5", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-606", "details": ["The brace-expansion library generates arbitrary strings containing a common prefix and suffix. Prior to versions 5.0.5, 3.0.2, 2.0.3, and 1.1.13, a brace pattern with a zero step value (e.g., `{1..2..0}`) causes the sequence generation loop to run indefinitely, making the process hang for seconds and allocate heaps of memory. Versions 5.0.5, 3.0.2, 2.0.3, and 1.1.13 fix the issue. As a workaround, sanitize strings passed to `expand()` to ensure a step value of `0` is not used.", "A flaw was found in the brace-expansion library, a component used for generating strings based on patterns. A remote attacker could exploit this vulnerability by providing a specially crafted brace pattern that includes a zero step value. This malicious input causes the library's sequence generation loop to run indefinitely, leading to excessive memory allocation and causing the process to hang. This results in a Denial of Service (DoS) for the affected application."], "name": "CVE-2026-33750", "package_state": [{"cpe": "cpe:/a:redhat:cryostat:4", "fix_state": "Fix deferred", "package_name": "brace-expansion", "product_name": "Cryostat 4"}, {"cpe": "cpe:/a:redhat:gatekeeper:3", "fix_state": "Fix deferred", "package_name": "gatekeeper/gatekeeper-rhel9", "product_name": "Gatekeeper 3"}, {"cpe": "cpe:/a:redhat:logging:5", "fix_state": "Out of support scope", "package_name": "openshift-logging/cluster-logging-operator-bundle", "product_name": "Logging Subsystem for Red Hat OpenShift"}, {"cpe": "cpe:/a:redhat:logging:5", "fix_state": "Out of support scope", "package_name": "openshift-logging/cluster-logging-rhel9-operator", "product_name": "Logging Subsystem for Red Hat OpenShift"}, {"cpe": "cpe:/a:redhat:logging:5", "fix_state": "Out of support scope", "package_name": "openshift-logging/eventrouter-rhel9", "product_name": "Logging Subsystem for Red Hat OpenShift"}, {"cpe": "cpe:/a:redhat:logging:5", "fix_state": "Out of support scope", "package_name": "openshift-logging/fluentd-rhel9", "product_name": "Logging Subsystem for Red Hat OpenShift"}, {"cpe": "cpe:/a:redhat:logging:5", "fix_state": "Out of support scope", "package_name": "openshift-logging/log-file-metric-exporter-rhel9", "product_name": "Logging Subsystem for Red Hat OpenShift"}, {"cpe": "cpe:/a:redhat:logging:5", "fix_state": "Out of support scope", "package_name": "openshift-logging/logging-view-plugin-rhel9", "product_name": "Logging Subsystem for Red Hat OpenShift"}, {"cpe": "cpe:/a:redhat:logging:5", "fix_state": "Out of support scope", "package_name": "openshift-logging/vector-rhel9", "product_name": "Logging Subsystem for Red Hat OpenShift"}, {"cpe": "cpe:/a:redhat:migration_toolkit_applications:8", "fix_state": "Fix deferred", "package_name": "mta/mta-ui-rhel9", "product_name": "Migration Toolkit for Applications 8"}, {"cpe": "cpe:/a:redhat:rhmt:1", "fix_state": "Fix deferred", "package_name": "rhmtc/openshift-migration-ui-rhel8", "product_name": "Migration Toolkit for Containers"}, {"cpe": "cpe:/a:redhat:migration_toolkit_virtualization:2", "fix_state": "Not affected", "package_name": "migration-toolkit-virtualization/mtv-console-plugin-rhel9", "product_name": "Migration Toolkit for Virtualization"}, {"cpe": "cpe:/a:redhat:migration_toolkit_virtualization:2", "fix_state": "Out of support scope", "package_name": "mtv-candidate/mtv-console-plugin-rhel9", "product_name": "Migration Toolkit for Virtualization"}, {"cpe": "cpe:/a:redhat:multicluster_engine", "fix_state": "Fix deferred", "package_name": "multicluster-engine/console-mce-rhel9", "product_name": "Multicluster Engine for Kubernetes"}, {"cpe": "cpe:/a:redhat:network_observ_optr:1", "fix_state": "Fix deferred", "package_name": "network-observability/network-observability-console-plugin-compat-rhel9", "product_name": "Network Observability Operator"}, {"cpe": "cpe:/a:redhat:network_observ_optr:1", "fix_state": "Fix deferred", "package_name": "network-observability/network-observability-console-plugin-rhel9", "product_name": "Network Observability Operator"}, {"cpe": "cpe:/a:redhat:workload_availability_nhc:0", "fix_state": "Out of support scope", "package_name": "workload-availability/node-healthcheck-must-gather-rhel9", "product_name": "Node HealthCheck Operator"}, {"cpe": "cpe:/a:redhat:workload_availability_nhc:0", "fix_state": "Out of support scope", "package_name": "workload-availability/node-healthcheck-operator-bundle", "product_name": "Node HealthCheck Operator"}, {"cpe": "cpe:/a:redhat:workload_availability_nhc:0", "fix_state": "Out of support scope", "package_name": "workload-availability/node-healthcheck-rhel9-operator", "product_name": "Node HealthCheck Operator"}, {"cpe": "cpe:/a:redhat:workload_availability_nhc:0", "fix_state": "Out of support scope", "package_name": "workload-availability/node-remediation-console-rhel8", "product_name": "Node HealthCheck Operator"}, {"cpe": "cpe:/a:redhat:workload_availability_nhc:0", "fix_state": "Out of support scope", "package_name": "workload-availability/node-remediation-console-rhel9", "product_name": "Node HealthCheck Operator"}, {"cpe": "cpe:/a:redhat:openshift_pipelines:1", "fix_state": "Fix deferred", "package_name": "openshift-pipelines/pipelines-console-plugin-rhel9", "product_name": "OpenShift Pipelines"}, {"cpe": "cpe:/a:redhat:serverless:1", "fix_state": "Fix deferred", "package_name": "openshift-serverless-1/kn-eventing-integrations-aws-ddb-streams-source-rhel9", "product_name": "OpenShift Serverless"}, {"cpe": "cpe:/a:redhat:serverless:1", "fix_state": "Fix deferred", "package_name": "openshift-serverless-1/kn-eventing-integrations-aws-s3-sink-rhel9", "product_name": "OpenShift Serverless"}, {"cpe": "cpe:/a:redhat:serverless:1", "fix_state": "Fix deferred", "package_name": "openshift-serverless-1/kn-eventing-integrations-aws-s3-source-rhel9", "product_name": "OpenShift Serverless"}, {"cpe": "cpe:/a:redhat:serverless:1", "fix_state": "Fix deferred", "package_name": "openshift-serverless-1/kn-eventing-integrations-aws-sns-sink-rhel9", "product_name": "OpenShift Serverless"}, {"cpe": "cpe:/a:redhat:serverless:1", "fix_state": "Fix deferred", "package_name": "openshift-serverless-1/kn-eventing-integrations-aws-sqs-sink-rhel9", "product_name": "OpenShift Serverless"}, {"cpe": "cpe:/a:redhat:serverless:1", "fix_state": "Fix deferred", "package_name": "openshift-serverless-1/kn-eventing-integrations-aws-sqs-source-rhel9", "product_name": "OpenShift Serverless"}, {"cpe": "cpe:/a:redhat:serverless:1", "fix_state": "Fix deferred", "package_name": "openshift-serverless-1/kn-eventing-integrations-log-sink-rhel9", "product_name": "OpenShift Serverless"}, {"cpe": "cpe:/a:redhat:serverless:1", "fix_state": "Fix deferred", "package_name": "openshift-serverless-1/kn-eventing-integrations-timer-source-rhel9", "product_name": "OpenShift Serverless"}, {"cpe": "cpe:/a:redhat:serverless:1", "fix_state": "Fix deferred", "package_name": "openshift-serverless-1/kn-eventing-integrations-transform-jsonata-rhel9", "product_name": "OpenShift Serverless"}, {"cpe": "cpe:/a:redhat:service_mesh:2", "fix_state": "Out of support scope", "package_name": "openshift-service-mesh/kiali-ossmc-rhel8", "product_name": "OpenShift Service Mesh 2"}, {"cpe": "cpe:/a:redhat:service_mesh:2", "fix_state": "Out of support scope", "package_name": "openshift-service-mesh/kiali-rhel8", "product_name": "OpenShift Service Mesh 2"}, {"cpe": "cpe:/a:redhat:service_mesh:3", "fix_state": "Out of support scope", "package_name": "openshift-service-mesh/kiali-operator-bundle", "product_name": "OpenShift Service Mesh 3"}, {"cpe": "cpe:/a:redhat:service_mesh:3", "fix_state": "Fix deferred", "package_name": "openshift-service-mesh/kiali-ossmc-rhel9", "product_name": "OpenShift Service Mesh 3"}, {"cpe": "cpe:/a:redhat:service_mesh:3", "fix_state": "Fix deferred", "package_name": "openshift-service-mesh/kiali-rhel9", "product_name": "OpenShift Service Mesh 3"}, {"cpe": "cpe:/a:redhat:service_mesh:3", "fix_state": "Out of support scope", "package_name": "openshift-service-mesh/kiali-rhel9-operator", "product_name": "OpenShift Service Mesh 3"}, {"cpe": "cpe:/a:redhat:red_hat_3scale_amp:2", "fix_state": "Fix deferred", "package_name": "3scale-amp20/system", "product_name": "Red Hat 3scale API Management Platform 2"}, {"cpe": "cpe:/a:redhat:red_hat_3scale_amp:2", "fix_state": "Fix deferred", "package_name": "3scale-amp21/system", "product_name": "Red Hat 3scale API Management Platform 2"}, {"cpe": "cpe:/a:redhat:red_hat_3scale_amp:2", "fix_state": "Fix deferred", "package_name": "3scale-amp22/system", "product_name": "Red Hat 3scale API Management Platform 2"}, {"cpe": "cpe:/a:redhat:red_hat_3scale_amp:2", "fix_state": "Fix deferred", "package_name": "3scale-amp24/system", "product_name": "Red Hat 3scale API Management Platform 2"}, {"cpe": "cpe:/a:redhat:red_hat_3scale_amp:2", "fix_state": "Fix deferred", "package_name": "3scale-amp25/system", "product_name": "Red Hat 3scale API Management Platform 2"}, {"cpe": "cpe:/a:redhat:red_hat_3scale_amp:2", "fix_state": "Fix deferred", "package_name": "3scale-amp26/system", "product_name": "Red Hat 3scale API Management Platform 2"}, {"cpe": "cpe:/a:redhat:red_hat_3scale_amp:2", "fix_state": "Fix deferred", "package_name": "3scale-amp2/system-rhel7", "product_name": "Red Hat 3scale API Management Platform 2"}, {"cpe": "cpe:/a:redhat:red_hat_3scale_amp:2", "fix_state": "Fix deferred", "package_name": "3scale-amp2/system-rhel8", "product_name": "Red Hat 3scale API Management Platform 2"}, {"cpe": "cpe:/a:redhat:red_hat_3scale_amp:2", "fix_state": "Fix deferred", "package_name": "3scale-amp2/system-rhel9", "product_name": "Red Hat 3scale API Management Platform 2"}, {"cpe": "cpe:/a:redhat:acm:2", "fix_state": "Fix deferred", "package_name": "rhacm2/console-rhel9", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2"}, {"cpe": "cpe:/a:redhat:advanced_cluster_security:4", "fix_state": "Fix deferred", "package_name": "advanced-cluster-security/rhacs-main-rhel8", "product_name": "Red Hat Advanced Cluster Security 4"}, {"cpe": "cpe:/a:redhat:amq_broker:7", "fix_state": "Fix deferred", "package_name": "brace-expansion", "product_name": "Red Hat AMQ Broker 7"}, {"cpe": "cpe:/a:redhat:ansible_automation_platform:2", "fix_state": "Fix deferred", "package_name": "ansible-on-clouds/aoc-azure-aap-installer-rhel9", "product_name": "Red Hat Ansible Automation Platform 2"}, {"cpe": "cpe:/a:redhat:ansible_automation_platform:2", "fix_state": "Out of support scope", "package_name": "automation-eda-controller", "product_name": "Red Hat Ansible Automation Platform 2"}, {"cpe": "cpe:/a:redhat:ansible_automation_platform:2", "fix_state": "Out of support scope", "package_name": "automation-gateway", "product_name": "Red Hat Ansible Automation Platform 2"}, {"cpe": "cpe:/a:redhat:ansible_automation_platform:2", "fix_state": "Fix deferred", "package_name": "automation-platform-ui", "product_name": "Red Hat Ansible Automation Platform 2"}, {"cpe": "cpe:/a:redhat:apache_camel_hawtio:4", "fix_state": "Fix deferred", "package_name": "brace-expansion", "product_name": "Red Hat build of Apache Camel - HawtIO 4"}, {"cpe": "cpe:/a:redhat:service_registry:2", "fix_state": "Fix deferred", "package_name": "brace-expansion", "product_name": "Red Hat build of Apicurio Registry 2"}, {"cpe": "cpe:/a:redhat:apicurio_registry:3", "fix_state": "Fix deferred", "package_name": "apicurio/apicurio-registry-ui-rhel8", "product_name": "Red Hat build of Apicurio Registry 3"}, {"cpe": "cpe:/a:redhat:apicurio_registry:3", "fix_state": "Fix deferred", "package_name": "apicurio/apicurio-registry-ui-rhel9", "product_name": "Red Hat build of Apicurio Registry 3"}, {"cpe": "cpe:/a:redhat:build_keycloak:", "fix_state": "Fix deferred", "package_name": "brace-expansion", "product_name": "Red Hat Build of Keycloak"}, {"cpe": "cpe:/a:redhat:podman_desktop:1", "fix_state": "Fix deferred", "package_name": "podman-desktop-macos-1-0", "product_name": "Red Hat Build of Podman Desktop"}, {"cpe": "cpe:/a:redhat:podman_desktop:1", "fix_state": "Fix deferred", "package_name": "podman-desktop-windows-1-0", "product_name": "Red Hat Build of Podman Desktop"}, {"cpe": "cpe:/a:redhat:podman_desktop:0", "fix_state": "Fix deferred", "package_name": "rhdesktop/rh-podman-desktop-ext-sandbox-rhel10", "product_name": "Red Hat Build of Podman Desktop - Tech Preview"}, {"cpe": "cpe:/a:redhat:jboss_data_grid:8", "fix_state": "Fix deferred", "package_name": "brace-expansion", "product_name": "Red Hat Data Grid 8"}, {"cpe": "cpe:/a:redhat:rhdh:1", "fix_state": "Fix deferred", "package_name": "rhdh/backstage-community-plugin-catalog-backend-module-scaffolder-relation-processor", "product_name": "Red Hat Developer Hub"}, {"cpe": "cpe:/a:redhat:rhdh:1", "fix_state": "Fix deferred", "package_name": "rhdh/rhdh-hub-rhel9", "product_name": "Red Hat Developer Hub"}, {"cpe": "cpe:/a:redhat:directory_server:11", "fix_state": "Out of support scope", "package_name": "redhat-ds:11/389-ds-base", "product_name": "Red Hat Directory Server 11"}, {"cpe": "cpe:/a:redhat:directory_server:12", "fix_state": "Fix deferred", "package_name": "redhat-ds:12/389-ds-base", "product_name": "Red Hat Directory Server 12"}, {"cpe": "cpe:/a:redhat:directory_server:13", "fix_state": "Out of support scope", "package_name": "389-ds-base", "product_name": "Red Hat Directory Server 13"}, {"cpe": "cpe:/a:redhat:edge_manager:1", "fix_state": "Fix deferred", "package_name": "rhem/flightctl-ui-ocp-rhel9", "product_name": "Red Hat Edge Manager 1"}, {"cpe": "cpe:/a:redhat:edge_manager:1", "fix_state": "Fix deferred", "package_name": "rhem/flightctl-ui-rhel9", "product_name": "Red Hat Edge Manager 1"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Fix deferred", "package_name": "nodejs22", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Fix deferred", "package_name": "nodejs24", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Fix deferred", "package_name": "nodejs-nodemon", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Fix deferred", "package_name": "rust", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "grafana", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "mozjs60", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "nodejs:20/nodejs", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "nodejs:20/nodejs-nodemon", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "nodejs:22/nodejs", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "nodejs:22/nodejs-nodemon", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "nodejs:24/nodejs", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "nodejs:24/nodejs-nodemon", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "pcs", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "gjs", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "grafana", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "nodejs:20/nodejs", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "nodejs:20/nodejs-nodemon", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "nodejs:22/nodejs", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "nodejs:22/nodejs-nodemon", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "nodejs:24/nodejs", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "nodejs:24/nodejs-nodemon", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "pcs", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "rust", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:3", "fix_state": "Fix deferred", "package_name": "rhelai3/bootc-cuda-rhel9", "product_name": "Red Hat Enterprise Linux AI (RHEL AI) 3"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:3", "fix_state": "Fix deferred", "package_name": "rhelai3/bootc-rocm-rhel9", "product_name": "Red Hat Enterprise Linux AI (RHEL AI) 3"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:3", "fix_state": "Fix deferred", "package_name": "rhelai3/disk-image-cuda-rhel9", "product_name": "Red Hat Enterprise Linux AI (RHEL AI) 3"}, {"cpe": "cpe:/a:redhat:jboss_fuse:7", "fix_state": "Out of support scope", "package_name": "brace-expansion", "product_name": "Red Hat Fuse 7"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7", "fix_state": "Out of support scope", "package_name": "brace-expansion", "product_name": "Red Hat JBoss Enterprise Application Platform 7"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8", "fix_state": "Fix deferred", "package_name": "brace-expansion", "product_name": "Red Hat JBoss Enterprise Application Platform 8"}, {"cpe": "cpe:/a:redhat:jbosseapxp", "fix_state": "Fix deferred", "package_name": "brace-expansion", "product_name": "Red Hat JBoss Enterprise Application Platform Expansion Pack"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Out of support scope", "package_name": "rhoai/odh-dashboard-rhel8", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Out of support scope", "package_name": "rhoai/odh-data-science-pipelines-argo-argoexec-rhel8", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Out of support scope", "package_name": "rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Out of support scope", "package_name": "rhoai/odh-kf-notebook-controller-rhel8", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Fix deferred", "package_name": "rhoai/odh-mlflow-rhel9", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Out of support scope", "package_name": "rhoai/odh-model-registry-rhel8", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Out of support scope", "package_name": "rhoai/odh-notebook-controller-rhel8", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "package_name": "openshift4/nmstate-console-plugin-rhel9", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "package_name": "openshift4/ose-agent-installer-ui-rhel9", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "package_name": "openshift4/ose-console", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "package_name": "openshift4/ose-console-rhel9", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "package_name": "openshift4/ose-monitoring-plugin-rhel9", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "package_name": "openshift4/ose-networking-console-plugin-rhel9", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift_data_foundation:4", "fix_state": "Out of support scope", "package_name": "odf4/mcg-core-rhel9", "product_name": "Red Hat Openshift Data Foundation 4"}, {"cpe": "cpe:/a:redhat:openshift_data_foundation:4", "fix_state": "Out of support scope", "package_name": "odf4/ocs-client-console-rhel9", "product_name": "Red Hat Openshift Data Foundation 4"}, {"cpe": "cpe:/a:redhat:openshift_data_foundation:4", "fix_state": "Out of support scope", "package_name": "odf4/odf-console-rhel9", "product_name": "Red Hat Openshift Data Foundation 4"}, {"cpe": "cpe:/a:redhat:openshift_data_foundation:4", "fix_state": "Out of support scope", "package_name": "odf4/odf-multicluster-console-rhel9", "product_name": "Red Hat Openshift Data Foundation 4"}, {"cpe": "cpe:/a:redhat:openshift_devspaces:3", "fix_state": "Fix deferred", "package_name": "devspaces/code-rhel9", "product_name": "Red Hat OpenShift Dev Spaces"}, {"cpe": "cpe:/a:redhat:openshift_devspaces:3", "fix_state": "Fix deferred", "package_name": "devspaces/jetbrains-ide-rhel9", "product_name": "Red Hat OpenShift Dev Spaces"}, {"cpe": "cpe:/a:redhat:openshift_devspaces:3", "fix_state": "Fix deferred", "package_name": "devspaces/openvsx-rhel9", "product_name": "Red Hat OpenShift Dev Spaces"}, {"cpe": "cpe:/a:redhat:openshift_distributed_tracing:3", "fix_state": "Fix deferred", "package_name": "rhosdt/tempo-jaeger-query-rhel9", "product_name": "Red Hat OpenShift distributed tracing 3"}, {"cpe": "cpe:/a:redhat:openshift_gitops:1", "fix_state": "Fix deferred", "package_name": "openshift-gitops-1/argocd-rhel8", "product_name": "Red Hat OpenShift GitOps"}, {"cpe": "cpe:/a:redhat:openshift_gitops:1", "fix_state": "Fix deferred", "package_name": "openshift-gitops-1/argocd-rhel9", "product_name": "Red Hat OpenShift GitOps"}, {"cpe": "cpe:/a:redhat:openshift_gitops:1", "fix_state": "Fix deferred", "package_name": "openshift-gitops-1/console-plugin-rhel8", "product_name": "Red Hat OpenShift GitOps"}, {"cpe": "cpe:/a:redhat:container_native_virtualization:4", "fix_state": "Out of support scope", "package_name": "container-native-virtualization/kubevirt-console-plugin-rhel9", "product_name": "Red Hat OpenShift Virtualization 4"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_bpms_platform:7", "fix_state": "Out of support scope", "package_name": "brace-expansion", "product_name": "Red Hat Process Automation 7"}, {"cpe": "cpe:/a:redhat:quay:3", "fix_state": "Out of support scope", "package_name": "quay/quay-rhel8", "product_name": "Red Hat Quay 3"}, {"cpe": "cpe:/a:redhat:quay:3", "fix_state": "Fix deferred", "package_name": "quay/quay-rhel9", "product_name": "Red Hat Quay 3"}, {"cpe": "cpe:/a:redhat:red_hat_single_sign_on:7", "fix_state": "Out of support scope", "package_name": "brace-expansion", "product_name": "Red Hat Single Sign-On 7"}, {"cpe": "cpe:/a:redhat:trusted_profile_analyzer:2", "fix_state": "Not affected", "package_name": "rhtpa/rhtpa-trustification-service-rhel9", "product_name": "Red Hat Trusted Profile Analyzer"}, {"cpe": "cpe:/a:redhat:amq_streams:2", "fix_state": "Fix deferred", "package_name": "brace-expansion", "product_name": "streams for Apache Kafka 2"}, {"cpe": "cpe:/a:redhat:amq_streams:3", "fix_state": "Fix deferred", "package_name": "brace-expansion", "product_name": "streams for Apache Kafka 3"}], "public_date": "2026-03-27T14:04:52Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-33750\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-33750\nhttps://github.com/juliangruber/brace-expansion/blob/daa71bcb4a30a2df9bcb7f7b8daaf2ab30e5794a/src/index.ts#L107-L113\nhttps://github.com/juliangruber/brace-expansion/blob/daa71bcb4a30a2df9bcb7f7b8daaf2ab30e5794a/src/index.ts#L184\nhttps://github.com/juliangruber/brace-expansion/commit/311ac0d54994158c0a384e286a7d6cbb17ee8ed5\nhttps://github.com/juliangruber/brace-expansion/commit/7fd684f89fdde3549563d0a6522226a9189472a2\nhttps://github.com/juliangruber/brace-expansion/commit/b9cacd9e55e7a1fa588fe4b7bb1159d52f1d902a\nhttps://github.com/juliangruber/brace-expansion/issues/98\nhttps://github.com/juliangruber/brace-expansion/pull/95\nhttps://github.com/juliangruber/brace-expansion/pull/96\nhttps://github.com/juliangruber/brace-expansion/pull/97\nhttps://github.com/juliangruber/brace-expansion/security/advisories/GHSA-f886-m6hf-6m8v"], "threat_severity": "Moderate"}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[4.0.0,5.0.5)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[3.0.0,3.0.2)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[2.0.0,2.0.3)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,1.1.13)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "brace-expansion", "source": "cna", "vendor": "juliangruber"}, "product": "brace-expansion", "vendor": "juliangruber"}], "analysis": {"en": {"generated_at": "2026-03-31T06:05:39.744640+00:00", "value": {"mitigation_remediation": ["Update the brace-expansion package to a fixed version (>=5.0.5, 3.0.2, 2.0.3, or 1.1.13 depending on your environment).", "If an upgrade is not immediately possible, sanitize all strings passed to expand() to ensure a step value of zero is never used. ", "Consider enforcing resource limits or monitoring for abnormal memory usage to detect potential hangs caused by this vulnerability."], "summary": {"action": "Immediate Patch", "impact": "Denial of Service"}, "threat_synthesis": {"affected_systems": "The vulnerability affects all releases of the npm package brace-expansion by Julian Gruber that are older than version 5.0.5, 3.0.2, 2.0.3, and 1.1.13. Any project that imports this package directly or indirectly via another dependency is at risk unless the library has been upgraded to a fixed release.", "description_and_impact": "The brace-expansion library generates strings from brace patterns. A zero\u2011step value (e.g., {1..2..0}) causes its sequence generator to loop indefinitely, making the calling process hang for seconds and allocating large amounts of memory. The result is a denial of service that would impact the application or container in which the library runs. The weakness is classified as uncontrolled resource consumption (CWE\u2011400) and unchecked input handling (CWE\u2011606). No evidence indicates code execution is possible.", "risk_and_exploitability": "The CVSS score for this issue is 6.5, reflecting moderate severity. EPSS indicates less than 1% probability of exploitation, and the vulnerability is not listed in the CISA KEV catalog. Based on the description, it is inferred that an attacker could trigger the flaw by supplying a brace pattern with a zero step value to expand() from untrusted input, causing the process to hang and use excessive memory. The likely attack vector would require an application that calls expand() with user\u2011controlled data, potentially leading to a loss of availability for the affected system."}}}}, "created": "2026-03-27T20:28:44.971612+00:00", "updated": "2026-03-31T20:01:16.452348+00:00", "vendors": ["juliangruber", "juliangruber$PRODUCT$brace-expansion"]}