374 matches found
PT-2026-20994
Name of the Vulnerable Software and Affected Versions minimatch versions 10.2.0 and below Description The software is susceptible to Regular Expression Denial of Service ReDoS when processing glob patterns containing numerous consecutive wildcards followed by a literal character absent from the...
Security Bulletin: Vulnerability in minimatch-3.0.4.tgz affects IBM Db2 Data Management Console(CVE-2022-3517)
Summary minimatch-3.0.4.tgz open source library is used by IBM Db2 Data Management Console . This bulletin describes the upgrades necessary to address the vulnerability. Vulnerability Details CVEID:CVE-2022-3517 DESCRIPTION: minimatch is vulnerable to a denial of service, caused by a regular...
MiracleLinux 8 : nodejs:14 nodejs-nodemon-2.0.20-2.module+el8+1579+35966ec0, nodejs-packaging-23-3.module+el8+1579+35966ec0, nodejs-14.21.1-2.module+el8+1579+35966ec0 (AXSA:2023-4653:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-4653:01 advisory. minimist: prototype pollution CVE-2021-44906 node-fetch: exposure of sensitive information to an unauthorized actor CVE-2022-0235 nodejs-minimatch:...
MiracleLinux 9 : nodejs:18 (AXSA:2023-4944:01)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-4944:01 advisory. nodejs-minimatch: ReDoS via the braceExpand function CVE-2022-3517 nodejs: DNS rebinding in inspect via invalid octal IP address CVE-2022-43548...
MiracleLinux 9 : nodejs-nodemon-2.0.20-2.el9, nodejs-16.18.1-3.el9 (AXSA:2023-5057:01)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5057:01 advisory. minimist: prototype pollution CVE-2021-44906 nodejs-minimatch: ReDoS via the braceExpand function CVE-2022-3517 nodejs: HTTP Request Smuggling due t...
MiracleLinux 8 : nodejs:18 (AXSA:2022-4553:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-4553:01 advisory. nodejs-minimatch: ReDoS via the braceExpand function CVE-2022-3517 nodejs: DNS rebinding in inspect via invalid octal IP address CVE-2022-43548...
MiracleLinux 7 : rh-nodejs14-nodejs-nodemon-2.0.20-2.el7, rh-nodejs14-nodejs-14.21.1-3.el7 (AXSA:2023-4997:01)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-4997:01 advisory. glob-parent: Regular Expression Denial of Service CVE-2021-35065 minimist: prototype pollution CVE-2021-44906 node-fetch: exposure of sensitive...
Atlassian Jira Service Management Data Center and Server < 10.3.14 (JSDSERVER-16469)
The version of Atlassian Jira Service Management Data Center and Server Jira Service Desk running on the remote host is affected by a vulnerability as referenced in the JSDSERVER-16469 advisory. - A vulnerability was found in the minimatch package. This flaw allows a Regular Expression Denial of...
Security Bulletin: Multiple security vulnerabilities are addressed with Cloud Pak foundational services 4.15.0 shipped with IBM Cloud Pak for Business Automation iFixes for December 2025.
Summary IBM Cloud Pak for Business Automation includes IBM Cloud Pak foundational services. IBM Cloud Pak for Business Automation December 2025 security fixes update this dependency beyond 4.15.0 to address security vulnerabilities. Vulnerability Details CVEID:CVE-2016-10540 DESCRIPTION: Minimatc...
DoS (Denial of Service) minimatch Dependency in Jira Software Data Center and Server
This High severity DoS Denial of Service vulnerability known as CVE-2022-3517 was introduced in 10.3.13 of Jira Software Data Center and Server. This vulnerability with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H allows an unauthenticated attacker to take...
TencentOS Server 3: nodejs-nodemon (TSSA-2022:0261)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2022:0261 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
EUVD-2018-0621
Malware in sbrugna...
EUVD-2022-7089
Malicious code in bioql PyPI...
Security Bulletin: Vulnerabilities in Marked, Minimatch and Logback might affect IBM Storage Defender Copy Data Management
Summary IBM Storage Defender Copy Data Management can be affected by vulnerabilities in Marked, Minimatch and Logback. Vulnerabilities include causing regular expression denial of service ReDoS, allows an attacker to mount a Denial-Of-Service attack by sending poisoned data, and allowing to execu...
Security Bulletin: IBM Storage Fusion Data Foundation is vulnerable to minimatch in management-console (CVE-2022-3517)
Summary minimatch package is used by IBM Storage Fusion Data Foundation in management-console. The product may be vulnerable to DOS by calling the braceExpand function with specific arguments. This bulletin identifies the steps to take to address the vulnerability in IBM Storage Fusion Data...
Linux Distros Unpatched Vulnerability : CVE-2022-3517
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in the minimatch package. This flaw allows a Regular Expression Denial of Service ReDoS when calling the braceExpand function with...
Atlassian Confluence 7.19.x < 7.19.29 / 7.20.x < 8.5.17 / 8.6.x < 8.9.8 / 9.0.x < 9.1.0 / 9.2.0 (CONFSERVER-98300)
The version of Atlassian Confluence Server running on the remote host is affected by a vulnerability as referenced in the CONFSERVER-98300 advisory. - A vulnerability was found in the minimatch package. This flaw allows a Regular Expression Denial of Service ReDoS when calling the braceExpand...
RHSA-2016:1583 Red Hat Security Advisory: rh-nodejs4-nodejs-minimatch security update
Bulletin has no description...
RHSA-2016:1582 Red Hat Security Advisory: nodejs010-nodejs-minimatch security update
Bulletin has no description...
RHEL 9 : pcs (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - loader-utils: prototype pollution in function parseQuery in parseQuery.js CVE-2022-37601 - A vulnerabilit...