AZL-44562 CVE-2024-4068 affecting package nodejs-nodemon 2.0.3-5

🗓️ 14 May 2024 15:42:48Reported by GoogleType

osv🔗 osv.dev👁 2 Views

The nodemon package is affected by a braces memory exhaustion vulnerability when parsing imbalanced braces.

Reporter	Title	Published	Views	Family All 175
IBM Security Bulletins	Security Bulletin: IBM Security QRadar EDR Software contains multiple vulnerabilities	8 Jul 202409:49	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Cognos Analytics Mobile (Android) is affected by multiple vulnerabilities	21 Oct 202415:52	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Node.js braces	29 Jul 202421:50	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Cognos Dashboards on Cloud Pak for Data has addressed security vulnerabilities	6 May 202519:09	–	ibm
IBM Security Bulletins	Security Bulletin: IBM QRadar Wincollect is using components with known vulnerabilities	9 Jul 202417:03	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities affect IBM Data Virtualization on Cloud Pak for Data (February 2025)	15 Apr 202503:52	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities fixed in IBM Security Verify Information Queue	5 Aug 202409:25	–	ibm
IBM Security Bulletins	Security Bulletin: IBM App Connect Enterprise is vulnerable to a denial of service due to Node.js micromatch & braces modules (CVE-2024-4067 & CVE-2024-4068)	14 Jun 202410:40	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities affect IBM Db2® on Cloud Pak for Data, and Db2 Warehouse on Cloud Pak for Data	15 Apr 202502:34	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to Node.js braces module denial of service vulnerability [ CVE-2024-4068]	28 Jan 202522:08	–	ibm

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2024-4068

21 Apr 2026 04:31Current

6.7Medium risk

Vulners AI Score6.7

CVSS 3.17.5

EPSS0.00275

SSVC