Lucene search
+L

374 matches found

Positive Technologies
Positive Technologies
added 2026/02/18 12:0 a.m.11 views

PT-2026-20994

Name of the Vulnerable Software and Affected Versions minimatch versions 10.2.0 and below Description The software is susceptible to Regular Expression Denial of Service ReDoS when processing glob patterns containing numerous consecutive wildcards followed by a literal character absent from the...

8.7CVSS5.1AI score0.00519EPSS
Exploits1References208
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/02 5:42 p.m.10 views

Security Bulletin: Vulnerability in minimatch-3.0.4.tgz affects IBM Db2 Data Management Console(CVE-2022-3517)

Summary minimatch-3.0.4.tgz open source library is used by IBM Db2 Data Management Console . This bulletin describes the upgrades necessary to address the vulnerability. Vulnerability Details CVEID:CVE-2022-3517 DESCRIPTION: minimatch is vulnerable to a denial of service, caused by a regular...

7.5CVSS8.3AI score0.01674EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.4 views

MiracleLinux 8 : nodejs:14 nodejs-nodemon-2.0.20-2.module+el8+1579+35966ec0, nodejs-packaging-23-3.module+el8+1579+35966ec0, nodejs-14.21.1-2.module+el8+1579+35966ec0 (AXSA:2023-4653:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-4653:01 advisory. minimist: prototype pollution CVE-2021-44906 node-fetch: exposure of sensitive information to an unauthorized actor CVE-2022-0235 nodejs-minimatch:...

9.8CVSS6.8AI score0.14663EPSS
Exploits4References6
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.6 views

MiracleLinux 9 : nodejs:18 (AXSA:2023-4944:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-4944:01 advisory. nodejs-minimatch: ReDoS via the braceExpand function CVE-2022-3517 nodejs: DNS rebinding in inspect via invalid octal IP address CVE-2022-43548...

8.1CVSS8.2AI score0.14024EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.5 views

MiracleLinux 9 : nodejs-nodemon-2.0.20-2.el9, nodejs-16.18.1-3.el9 (AXSA:2023-5057:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5057:01 advisory. minimist: prototype pollution CVE-2021-44906 nodejs-minimatch: ReDoS via the braceExpand function CVE-2022-3517 nodejs: HTTP Request Smuggling due t...

9.8CVSS6.8AI score0.14024EPSS
Exploits2References5
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.5 views

MiracleLinux 8 : nodejs:18 (AXSA:2022-4553:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-4553:01 advisory. nodejs-minimatch: ReDoS via the braceExpand function CVE-2022-3517 nodejs: DNS rebinding in inspect via invalid octal IP address CVE-2022-43548...

8.1CVSS7.5AI score0.14024EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.5 views

MiracleLinux 7 : rh-nodejs14-nodejs-nodemon-2.0.20-2.el7, rh-nodejs14-nodejs-14.21.1-3.el7 (AXSA:2023-4997:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-4997:01 advisory. glob-parent: Regular Expression Denial of Service CVE-2021-35065 minimist: prototype pollution CVE-2021-44906 node-fetch: exposure of sensitive...

9.8CVSS6.8AI score0.14663EPSS
Exploits5References7
Tenable Nessus
Tenable Nessus
added 2026/01/13 12:0 a.m.9 views

Atlassian Jira Service Management Data Center and Server < 10.3.14 (JSDSERVER-16469)

The version of Atlassian Jira Service Management Data Center and Server Jira Service Desk running on the remote host is affected by a vulnerability as referenced in the JSDSERVER-16469 advisory. - A vulnerability was found in the minimatch package. This flaw allows a Regular Expression Denial of...

7.5CVSS7.5AI score0.01674EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2026/01/07 12:30 p.m.17 views

Security Bulletin: Multiple security vulnerabilities are addressed with Cloud Pak foundational services 4.15.0 shipped with IBM Cloud Pak for Business Automation iFixes for December 2025.

Summary IBM Cloud Pak for Business Automation includes IBM Cloud Pak foundational services. IBM Cloud Pak for Business Automation December 2025 security fixes update this dependency beyond 4.15.0 to address security vulnerabilities. Vulnerability Details CVEID:CVE-2016-10540 DESCRIPTION: Minimatc...

9.1CVSS9.1AI score0.2241EPSS
Exploits13Affected Software2
Atlassian
Atlassian
added 2025/12/09 7:35 a.m.19 views

DoS (Denial of Service) minimatch Dependency in Jira Software Data Center and Server

This High severity DoS Denial of Service vulnerability known as CVE-2022-3517 was introduced in 10.3.13 of Jira Software Data Center and Server. This vulnerability with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H allows an unauthenticated attacker to take...

7.5CVSS7.5AI score0.01674EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/11/20 12:0 a.m.8 views

TencentOS Server 3: nodejs-nodemon (TSSA-2022:0261)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2022:0261 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

9.8CVSS7.1AI score0.04581EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-0621

Malware in sbrugna...

7.5CVSS7.6AI score0.01743EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-7089

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.01674EPSS
Exploits0References19
IBM Security Bulletins
IBM Security Bulletins
added 2025/09/26 7:29 p.m.13 views

Security Bulletin: Vulnerabilities in Marked, Minimatch and Logback might affect IBM Storage Defender Copy Data Management

Summary IBM Storage Defender Copy Data Management can be affected by vulnerabilities in Marked, Minimatch and Logback. Vulnerabilities include causing regular expression denial of service ReDoS, allows an attacker to mount a Denial-Of-Service attack by sending poisoned data, and allowing to execu...

7.5CVSS7.9AI score0.02828EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/06/25 4:6 p.m.8 views

Security Bulletin: IBM Storage Fusion Data Foundation is vulnerable to minimatch in management-console (CVE-2022-3517)

Summary minimatch package is used by IBM Storage Fusion Data Foundation in management-console. The product may be vulnerable to DOS by calling the braceExpand function with specific arguments. This bulletin identifies the steps to take to address the vulnerability in IBM Storage Fusion Data...

7.5CVSS7.5AI score0.01674EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.15 views

Linux Distros Unpatched Vulnerability : CVE-2022-3517

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in the minimatch package. This flaw allows a Regular Expression Denial of Service ReDoS when calling the braceExpand function with...

7.5CVSS7.3AI score0.01674EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/12/20 12:0 a.m.15 views

Atlassian Confluence 7.19.x < 7.19.29 / 7.20.x < 8.5.17 / 8.6.x < 8.9.8 / 9.0.x < 9.1.0 / 9.2.0 (CONFSERVER-98300)

The version of Atlassian Confluence Server running on the remote host is affected by a vulnerability as referenced in the CONFSERVER-98300 advisory. - A vulnerability was found in the minimatch package. This flaw allows a Regular Expression Denial of Service ReDoS when calling the braceExpand...

7.5CVSS7.5AI score0.01674EPSS
Exploits0References2
OSV
OSV
added 2024/09/13 12:27 p.m.16 views

RHSA-2016:1583 Red Hat Security Advisory: rh-nodejs4-nodejs-minimatch security update

Bulletin has no description...

5.3CVSS8.9AI score
Exploits0References8
OSV
OSV
added 2024/09/13 12:27 p.m.17 views

RHSA-2016:1582 Red Hat Security Advisory: nodejs010-nodejs-minimatch security update

Bulletin has no description...

5.3CVSS8.9AI score
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2024/07/12 12:0 a.m.29 views

RHEL 9 : pcs (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - loader-utils: prototype pollution in function parseQuery in parseQuery.js CVE-2022-37601 - A vulnerabilit...

9.8CVSS9.4AI score0.02601EPSS
Exploits2References4
Rows per page
Query Builder