6 matches found
Security Bulletin: Multiple security vulnerabilities are addressed with Cloud Pak foundational services 4.15.0 shipped with IBM Cloud Pak for Business Automation iFixes for December 2025.
Summary IBM Cloud Pak for Business Automation includes IBM Cloud Pak foundational services. IBM Cloud Pak for Business Automation December 2025 security fixes update this dependency beyond 4.15.0 to address security vulnerabilities. Vulnerability Details CVEID:CVE-2016-10540 DESCRIPTION: Minimatc...
Ubuntu 16.04 ESM : minimatch vulnerability (USN-4783-1)
The remote Ubuntu 16.04 ESM host has a package installed that is affected by a vulnerability as referenced in the USN-4783-1 advisory. It was discovered that minimatch did not perform necessary bounds checking on regular expressions. An attacker could use this vulnerability to cause a denial of...
Security Bulletin: Multiple vulnerabilities found with third-party libraries used by IBM® MobileFirst Platform
Summary There are multiple vulnerabilities in open source libraries used by IBM MobileFirst Platform Foundation. They are addressed in this update. Vulnerability Details CVEID:CVE-2022-3517 DESCRIPTION: minimatch is vulnerable to a denial of service, caused by a regular expression denial of servi...
Design/Logic Flaw
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-10540. Reason: This candidate is a reservation duplicate of CVE-2016-10540. Notes: All CVE users should reference CVE-2016-10540 instead of this candidate. All references and descriptions in this candidate have been removed t...
CVE-2016-10540
Minimatch is a minimal matching utility that works by converting glob expressions into JavaScript RegExp objects. The primary function, minimatchpath, pattern in Minimatch 3.0.1 and earlier is vulnerable to ReDoS in the pattern parameter...
CVE-2016-10540
CVE-2016-10540 refers to Minimatch (node) where the function minimatch(path, pattern) in Minimatch 3.0.1 and earlier is vulnerable to ReDoS through the pattern parameter. The connected IBM security bulletin reiterates the same description and CVSS base score of 7.5, noting multiple related CVEs b...