Lucene search
GoogleOSV:USN-6086-1HistoryMay 18, 2023 - 8:22 a.m.
node-minimatch vulnerability
2023-05-1808:22:39
Google
osv.dev
14
discovered
input file
remote attacker
denial of service
software
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
7.5
Confidence
Low
EPSS
0.002
Percentile
55.2%
It was discovered that minimatch incorrectly handled certain inputs. If a
user or an automated system were tricked into opening a specially crafted
input file, a remote attacker could possibly use this issue to cause a
denial of service.
Related
nessus
nessus
RHEL 6 : nodejs-minimatch (Unpatched Vulnerability)
2024-05-11 00:00:00
Ubuntu 18.04 LTS / 20.04 LTS : minimatch vulnerability (USN-6086-1)
2023-05-18 00:00:00
Debian DLA-3271-1 : node-minimatch - LTS security update
2023-01-15 00:00:00
debiancve
debiancve
CVE-2022-3517
2022-10-17 20:15:09
ibm
ibm
Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to minimatch denial of service (CVE-2022-3517)
2022-12-07 20:26:29
ubuntucve
ubuntucve
CVE-2022-3517
2022-10-17 00:00:00
cve
cve
CVE-2022-3517
2022-10-17 20:15:09
prion
prion
Denial of service
2022-10-17 20:15:00
openvas
openvas
Debian: Security Advisory (DLA-3271-1)
2023-01-16 00:00:00
Ubuntu: Security Advisory (USN-6086-1)
2023-05-19 00:00:00
Fedora: Security Advisory for yarnpkg (FEDORA-2023-18fd476362)
2023-01-22 00:00:00
debian
debian
[SECURITY] [DLA 3271-1] node-minimatch security update
2023-01-15 15:25:44
redos
redos
ROS-20230504-03
2023-05-04 00:00:00
nvd
nvd
CVE-2022-3517
2022-10-17 20:15:09
osv
osv
minimatch ReDoS vulnerability
2022-10-18 12:00:32
CVE-2022-3517
2022-10-17 20:15:09
node-minimatch - security update
2023-01-15 00:00:00
cvelist
cvelist
CVE-2022-3517
2022-10-17 00:00:00
ubuntu
ubuntu
minimatch vulnerability
2023-05-18 00:00:00
veracode
veracode
Regular Expression Denial Of Service (ReDoS)
2022-11-16 23:15:34
redhatcve
redhatcve
CVE-2022-3517
2022-10-14 19:28:54
github
github
minimatch ReDoS vulnerability
2022-10-18 12:00:32
almalinux
almalinux
Moderate: nodejs:18 security, bug fix, and enhancement update
2022-12-06 00:00:00
Moderate: nodejs:18 security, bug fix, and enhancement update
2022-12-06 00:00:00
oraclelinux
oraclelinux
nodejs:18 security, bug fix, and enhancement update
2022-12-09 00:00:00
nodejs:18 security, bug fix, and enhancement update
2022-12-08 00:00:00
nodejs and nodejs-nodemon security, bug fix, and enhancement update
2023-01-24 00:00:00
rocky
rocky
nodejs:18 security, bug fix, and enhancement update
2022-12-06 15:25:25
nodejs:18 security, bug fix, and enhancement update
2022-12-06 15:25:28
nodejs and nodejs-nodemon security, bug fix, and enhancement update
2023-01-23 14:30:11
redhat
redhat
fedora
fedora
[SECURITY] Fedora 37 Update: yarnpkg-1.22.19-3.fc37
2023-01-21 03:34:16
[SECURITY] Fedora 36 Update: yarnpkg-1.22.19-3.fc36
2023-01-21 03:43:23
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
7.5
Confidence
Low
EPSS
0.002
Percentile
55.2%
Related for OSV:USN-6086-1