Lucene search
+L

374 matches found

Cvelist
Cvelist
added 2022/10/17 12:0 a.m.40 views

CVE-2022-3517

A vulnerability was found in the minimatch package. This flaw allows a Regular Expression Denial of Service ReDoS when calling the braceExpand function with specific arguments, resulting in a Denial of Service...

8AI score0.01674EPSS
Exploits0References5
CNNVD
CNNVD
added 2022/10/17 12:0 a.m.2 views

minimatch 资源管理错误漏洞

minimatch is a global matcher in javascript by isaacs personal developer. A security vulnerability exists in minimatch that stems from a Regular Expression Denial of Service ReDoS that occurs when the braceExpand function is called with a specific parameter, resulting in a denial of service...

7.5CVSS7.4AI score0.01674EPSS
Exploits0References16
Vulnrichment
Vulnrichment
added 2022/10/17 12:0 a.m.4 views

CVE-2022-3517

A vulnerability was found in the minimatch package. This flaw allows a Regular Expression Denial of Service ReDoS when calling the braceExpand function with specific arguments, resulting in a Denial of Service...

7.5AI score0.01674EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2022/10/17 12:0 a.m.47 views

CVE-2022-3517

A vulnerability was found in the minimatch package. This flaw allows a Regular Expression Denial of Service ReDoS when calling the braceExpand function with specific arguments, resulting in a Denial of Service...

7.5CVSS7.8AI score0.01674EPSS
Exploits0
OSV
OSV
added 2022/10/17 12:0 a.m.28 views

CVE-2022-3517

A vulnerability was found in the minimatch package. This flaw allows a Regular Expression Denial of Service ReDoS when calling the braceExpand function with specific arguments, resulting in a Denial of Service...

7.5CVSS7.3AI score0.01674EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2022/10/14 7:28 p.m.59 views

CVE-2022-3517

A vulnerability was found in the nodejs-minimatch package. This flaw allows a Regular Expression Denial of Service ReDoS when calling the braceExpand function with specific arguments, resulting in a Denial of Service...

7.5CVSS4.3AI score0.01674EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2022/02/06 12:0 a.m.3 views

PT-2022-6598

Name of the Vulnerable Software and Affected Versions minimatch versions 7.19.0 and earlier Confluence Data Center versions prior to 9.1.0 Description A vulnerability was found in the minimatch package, allowing a Regular Expression Denial of Service ReDoS when calling the braceExpand function wi...

7.8CVSS6.8AI score0.01674EPSS
Exploits0References130
Huntr
Huntr
added 2021/09/17 6:23 a.m.12 views

Inefficient Regular Expression Complexity in isaacs/minimatch

Description I would like to report a Regular Expression Denial of Service ReDoS vulnerability in minimatch. It allows cause a denial of service when calling function braceExpand. The ReDoS vulnerability is mainly due to the regex /./ and can be exploited with the following code. Proof of Concept...

2.3AI score
Exploits0
OSV
OSV
added 2021/03/15 8:59 p.m.2 views

USN-4783-1 node-minimatch vulnerability

It was discovered that minimatch did not perform necessary bounds checking on regular expressions. An attacker could use this vulnerability to cause a denial of service...

7.5CVSS5.8AI score0.01743EPSS
Exploits1References2
Ubuntu
Ubuntu
added 2021/03/15 8:59 p.m.47 views

USN-4783-1: minimatch vulnerability

It was discovered that minimatch did not perform necessary bounds checking on regular expressions. An attacker could use this vulnerability to cause a denial of service...

7.5CVSS7.4AI score0.01743EPSS
Exploits1
Veracode
Veracode
added 2019/01/15 9:12 a.m.23 views

Denial Of Service (DoS)

minimatch is vulnerable to a Regular Expression Denial Of Service ReDoS attack. An attacker can pass a string value to the minimatchpath,pattern function to cause a ReDoS...

7.5CVSS7.3AI score0.01743EPSS
Exploits1References3Affected Software8
OSV
OSV
added 2018/10/09 12:40 a.m.40 views

GHSA-HXM2-R34F-QMC5 Regular Expression Denial of Service in minimatch

Affected versions of minimatch are vulnerable to regular expression denial of service attacks when user input is passed into the pattern argument of minimatchpath, pattern. Proof of Concept js var minimatch = require“minimatch”; // utility function for generating long strings var genstr = functio...

7.5CVSS7.4AI score0.01743EPSS
Exploits1References3
Github Security Blog
Github Security Blog
added 2018/10/09 12:40 a.m.35 views

Regular Expression Denial of Service in minimatch

Affected versions of minimatch are vulnerable to regular expression denial of service attacks when user input is passed into the pattern argument of minimatchpath, pattern. Proof of Concept js var minimatch = require“minimatch”; // utility function for generating long strings var genstr = functio...

7.5CVSS7.4AI score0.01743EPSS
Exploits1References3Affected Software1
NVD
NVD
added 2018/05/31 8:29 p.m.21 views

CVE-2016-10540

Minimatch is a minimal matching utility that works by converting glob expressions into JavaScript RegExp objects. The primary function, minimatchpath, pattern in Minimatch 3.0.1 and earlier is vulnerable to ReDoS in the pattern parameter...

7.5CVSS8.4AI score0.01743EPSS
Exploits1References1
OSV
OSV
added 2018/05/31 8:29 p.m.2 views

DEBIAN-CVE-2016-10540

Minimatch is a minimal matching utility that works by converting glob expressions into JavaScript RegExp objects. The primary function, minimatchpath, pattern in Minimatch 3.0.1 and earlier is vulnerable to ReDoS in the pattern parameter...

7.5CVSS7.6AI score0.01743EPSS
Exploits1References1
OSV
OSV
added 2018/05/31 8:29 p.m.9 views

AZL-44502 CVE-2016-10540 affecting package js-jquery 3.5.0-4

Minimatch is a minimal matching utility that works by converting glob expressions into JavaScript RegExp objects. The primary function, minimatchpath, pattern in Minimatch 3.0.1 and earlier is vulnerable to ReDoS in the pattern parameter...

7.5CVSS7.1AI score0.01743EPSS
Exploits1References1
OSV
OSV
added 2018/05/31 8:29 p.m.20 views

CVE-2016-10540

Minimatch is a minimal matching utility that works by converting glob expressions into JavaScript RegExp objects. The primary function, minimatchpath, pattern in Minimatch 3.0.1 and earlier is vulnerable to ReDoS in the pattern parameter...

7.5CVSS7.7AI score
Exploits0References1
UbuntuCve
UbuntuCve
added 2018/05/31 8:29 p.m.35 views

CVE-2016-10540

Minimatch is a minimal matching utility that works by converting glob expressions into JavaScript RegExp objects. The primary function, minimatchpath, pattern in Minimatch 3.0.1 and earlier is vulnerable to ReDoS in the pattern parameter...

7.5CVSS7.1AI score0.01743EPSS
Exploits1References3
Prion
Prion
added 2018/05/31 8:29 p.m.21 views

Code injection

Minimatch is a minimal matching utility that works by converting glob expressions into JavaScript RegExp objects. The primary function, minimatchpath, pattern in Minimatch 3.0.1 and earlier is vulnerable to ReDoS in the pattern parameter...

5CVSS6.5AI score0.01743EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2018/05/31 8:29 p.m.4 views

UBUNTU-CVE-2016-10540

Minimatch is a minimal matching utility that works by converting glob expressions into JavaScript RegExp objects. The primary function, minimatchpath, pattern in Minimatch 3.0.1 and earlier is vulnerable to ReDoS in the pattern parameter...

7.5CVSS7.1AI score0.01743EPSS
Exploits1References4
Rows per page
Query Builder