Subhashdasyam

**Name of the Vulnerable Software and Affected Versions** brace-expansion (affected versions not specified) **Description** A Denial of Service (DoS) issue exists where the `max` option is applied too late during the expansion of large numeric ranges. For example, expanding a range like `{1..10000000}` causes the sequence generation loop to create all intermediate elements before applying the limit. This results in excessive memory allocation and processing time, even when a small `max` value is specified. **Recommendations** Ensure the string to be expanded does not contain more values than the desired `max` item count.