Lucene search
K

37 matches found

vulnersOsv
vulnersOsv
added 2026/03/26 6:34 p.m.8 views

com.codbex.aion:codbex-aion-platform (>=0.5.6 <=0.5.7), com.codbex.aion:codbex-aion-platform-keycloack (>=0.5.6 <=0.5.7) +96 more potentially affected by CVE-2024-45296 +1 more via org.webjars.npm:path-to-regexp (>=0.1.7 <=8.2.0)

org.webjars.npm:path-to-regexp MAVEN version =0.1.7, =0.5.6, =0.5.6, =0.5.6, =0.4.0, =0.4.0, =0.5.3, =0.5.5 - com.codbex.kronos:codbex-kronos-coverage-aggregate =0.4.0 - com.codbex.kronos:codbex-kronos-modules-all =0.4.0 - com.codbex.kronos:codbex-kronos-modules-engines-all =0.4.0 -...

7.5CVSS6.7AI score0.00932EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/02 4:23 a.m.13 views

Security Bulletin: The IBM Maximo Application Suite AI-Service component uses multiple third-party dependencies that contain vulnerabilities associated with multiple CVEs.

Summary The IBM Maximo Application Suite AI-Service component uses"base-x-4.0.0.tgz, body-parser-1.20.2.tgz, cross-spawn-7.0.3.tgz, glob-10.4.2.tgz, path-to-regexp-0.1.7.tgz, qs-6.13.0.tgz, qs-6.14.0.tgz, qs-6.5.3.tgz, urllib3-2.6.2-py3-none-any.whl" which are vulnerable to "CVE-2025-27611,...

8.9CVSS6.6AI score0.03092EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/01/25 12:1 p.m.5 views

Security Bulletin: A vulnerability in path-to-regexp affect IBM® Db2® Big SQL on IBM Cloud Pak for Data.

Summary A vulnerability in path-to-regexp affect IBM® Db2® Big SQL 7 on IBM Cloud Pak for Data 4 and 5 Vulnerability Details CVEID:CVE-2024-45296 DESCRIPTION: path-to-regexp turns path strings into a regular expressions. In certain cases, path-to-regexp will output a regular expression that can b...

7.5CVSS5.8AI score0.00932EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/07/09 5:14 a.m.5 views

Security Bulletin: IBM Sterling External Authentication Server is vuulnerable due to path-to-regexp (CVE-2024-45296).

Summary IBM Sterling External Authentication Server uses the npm path-to-regexp, which is vulnerable to CVE-2024-45296. Vulnerability Details CVEID:CVE-2024-45296 DESCRIPTION: path-to-regexp turns path strings into a regular expressions. In certain cases, path-to-regexp will output a regular...

7.5CVSS6.9AI score0.00932EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/06/30 6:26 a.m.9 views

Security Bulletin: IBM Maximo Application Suite - Manage Component uses path-to-regexp-0.1.7.tgz which is vulnerable to CVE-2024-45296, CVE-2024-52798

Summary Security Bulletin: IBM Maximo Application Suite - Manage Component uses path-to-regexp-0.1.7.tgz which is vulnerable to CVE-2024-45296, CVE-2024-52798. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2024-45296 DESCRIPTION:...

8.7CVSS7.3AI score0.00932EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/05/19 2:3 a.m.15 views

Security Bulletin:IBM Event Streams is vulnerable to a Deniel of service (DoS) attack due to the path-to-regexp (CVE-2024-45296).

Summary IBM Event Streams is vulnerable to a Denial of Service DoS attack due to the path-to-regexp component, a JavaScript library that converts path strings into regular expressions to match and extract parameters from URLs or other structured data based on defined path patterns. Vulnerability...

7.5CVSS6.4AI score0.00932EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/03/18 9:50 a.m.45 views

Security Bulletin: Multiple Vulnerabilities affects IBM License Metric Tool v9.

Summary Multiple vulnerabilities have been remediated in components used by IBM License Metric Tool. Vulnerability Details CVEID:CVE-2025-25184 DESCRIPTION: Rack provides an interface for developing web applications in Ruby. Prior to versions 2.2.11, 3.0.12, and 3.1.10, Rack::CommonLogger can be...

9.8CVSS8.4AI score0.01157EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/03/12 2:38 p.m.17 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component is vulnerable to path-to-regexp-0.1.10.tgz CVE-2024-52798

Summary IBM Maximo Application Suite - Monitor Component is vulnerable to path-to-regexp-0.1.10.tgz CVE-2024-52798. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-52798 DESCRIPTION: path-to-regexp turns path strings into a regular...

8.7CVSS8.4AI score0.00792EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.17 views

Linux Distros Unpatched Vulnerability : CVE-2024-45296

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - path-to-regexp turns path strings into a regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause...

7.5CVSS6.7AI score0.00932EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2025/02/06 5:31 a.m.8 views

Security Bulletin: IBM Maximo Application Suite uses path-to-regexp-0.1.7.tgz which is vulnerable to CVE-2024-45296.

Summary IBM Maximo Application Suite uses path-to-regexp-0.1.7.tgz which is vulnerable to CVE-2024-45296. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2024-45296 DESCRIPTION: path-to-regexp turns path strings into a regular...

7.5CVSS6.1AI score0.00932EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/28 10:8 p.m.14 views

Security Bulletin: A vulnerability in react affects IBM Robotic Process Automation and may result in a denial of service (CVE-2024-45296).

Summary A vulnerability in React affects IBM Robotic Process Automation and may result in a denial of service. React is used by IBM Robotic Process Automation as part of it's UI Framework. This bulletin identifies the security fix to apply to address the vulnerability. Vulnerability Details...

7.5CVSS7.1AI score0.00932EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/28 10:8 p.m.23 views

Security Bulletin: IBM Security SOAR is vulnerable to denial of service (CVE-2024-45296)

Summary IBM Security SOAR was using a UI component which contained a vulnerability that could lead to a client-side regular expression denial of service CVE-2024-45296. The vulnerable component has been removed from the UI. Please upgrade to IBM Security SOAR version 51.0.4.0 or later...

7.5CVSS7.1AI score0.00932EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/28 10:8 p.m.26 views

Security Bulletin: IBM App Connect Enterprise is vulnerable to a denial of service due to pillarjs Path-to-RegExp (CVE-2024-45296).

Summary IBM App Connect Enterprise is vulnerable to a denial of service due to pillarjs Path-to-RegExp CVE-2024-45296. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID:CVE-2024-45296 DESCRIPTION: pillarjs Path-to-RegExp is vulnerable to a denial...

7.5CVSS7.4AI score0.00932EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/28 10:8 p.m.22 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component is vulnerable to path-to-regexp-1.8.0.tgz, path-to-regexp-0.1.7.tgz CVE-2024-45296

Summary IBM Maximo Application Suite - Monitor Component is vulnerable to path-to-regexp-1.8.0.tgz, path-to-regexp-0.1.7.tgz CVE-2024-45296. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-45296 DESCRIPTION: pillarjs Path-to-RegExp i...

7.5CVSS6.7AI score0.00932EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/28 10:8 p.m.22 views

Security Bulletin: A pillarjs path-to-regexp vulnerability affects IBM Safer Payments (CVE-2024-45296)

Summary pillarjs path-to-regexp is used by IBM Safer Payments as part of UI navigation routes. This vulnerability has been addressed. Vulnerability Details CVEID:CVE-2024-45296 DESCRIPTION: pillarjs Path-to-RegExp is vulnerable to a denial of service, caused by a regular expression denial of...

7.5CVSS7.1AI score0.00932EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/28 10:8 p.m.30 views

Security Bulletin: IBM DataPower Gateway vulnerable to Denial of Service (CVE-2024-45296)

Summary pillarjs Path-to-RegExp is used by IBM DataPower Gateway as part of the DataPower UI CVE-2024-45296 Vulnerability Details CVEID:CVE-2024-45296 DESCRIPTION: pillarjs Path-to-RegExp is vulnerable to a denial of service, caused by a regular expression denial of service ReDoS flaw. By sending...

7.5CVSS6.5AI score0.00932EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/28 10:8 p.m.15 views

Security Bulletin: Vulnerable version of path-regexp shipped with IBM Business Automation Workflow - CVE-2024-45296

Summary IBM Business Automation Workflow packages a vulnerable version of path-to-regex in IBM Business Automation Workflow Configuration Editor and the most recent version of Process Admin Console. Vulnerability Details CVEID:CVE-2024-45296 DESCRIPTION: pillarjs Path-to-RegExp is vulnerable to a...

7.5CVSS7.1AI score0.00932EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/28 10:8 p.m.14 views

Security Bulletin: IBM Decision Optimization for Cloud Pak for Data is vulnerable to a denial of service (CVE-2024-45296)

Summary There is a vulnerability in pillarjs Path-to-RegExp used by IBM Decision Optimization for IBM Cloud Pak for Data. IBM Decision Optimization for IBM Cloud Pak for Data has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2024-45296 DESCRIPTION: pillarjs Path-to-RegExp is...

7.5CVSS7.1AI score0.00932EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/12/09 7:15 p.m.17 views

Security Bulletin: IBM Business Automation Navigator is affected by a vulnerability in path-to-regexp (CVE-2024-45296)

Summary IBM Business Automation Navigator has addressed the following vulnerability. This does not impact IBM Content Navigator on-prem. Vulnerability Details CVEID:CVE-2024-45296 DESCRIPTION: pillarjs Path-to-RegExp is vulnerable to a denial of service, caused by a regular expression denial of...

7.5CVSS7.3AI score0.00932EPSS
Exploits0Affected Software1
OSV
OSV
added 2024/12/05 11:15 p.m.2 views

UBUNTU-CVE-2024-52798

path-to-regexp turns path strings into a regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor performance. The regular expression that is vulnerable to backtracking can be generated in the 0.1.x release of path-to-regexp. Upgra...

8.7CVSS6.7AI score0.00792EPSS
Exploits0References4
Rows per page
Query Builder