833 matches found
SUSE CVE-2020-28469
This affects the package glob-parent before 5.1.2. The enclosure regex used to check for strings ending in enclosure containing path separator...
SUSE CVE-2021-35065
The glob-parent package before 6.0.1 for Node.js allows ReDoS regular expression denial of service attacks against the enclosure regular expression...
Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to Node.js glob-parent denial of service vulnerability( CVE-2021-35065)
Summary Potential Node.js glob-parent denial of service vulnerability CVE-2021-35065 has been identified that may affect IBM Watson Assistant for IBM Cloud Pak for Data. Refer to details for additional information. Vulnerability Details CVEID:CVE-2021-35065 DESCRIPTION: Node.js glob-parent module...
nodejs:18 security, bug fix, and enhancement update
nodejs 1:18.14.2-2 - Provide simduft - Resolves: 2159389 1:18.14.2-1 - Rebase to 18.14.2 - Resolves: 2159389 - Resolves: CVE-2022-25881, CVE-2022-4904, CVE-2023-23936, CVE-2023-24807 - Resolves: CVE-2023-23918, CVE-2023-23919, CVE-2023-23920 nodejs-nodemon 2.0.20-2 - Patch bundled glob-parent -...
golang: path/filepath: stack exhaustion in Glob
A flaw was found in golang. Calling Glob on a path that contains a large number of path separators can cause a panic issue due to stack exhaustion. This can cause an attacker to impact availability...
golang: io/fs: stack exhaustion in Glob
A flaw was found in the golang standard library, io/fs. Calling Glob on a path that contains a large number of path separators can cause a panic issue due to stack exhaustion. This could allow an attacker to impact availability...
golang: io/fs: stack exhaustion in Glob
A flaw was found in the golang standard library, io/fs. Calling Glob on a path that contains a large number of path separators can cause a panic issue due to stack exhaustion. This could allow an attacker to impact availability...
golang: path/filepath: stack exhaustion in Glob
A flaw was found in golang. Calling Glob on a path that contains a large number of path separators can cause a panic issue due to stack exhaustion. This can cause an attacker to impact availability...
Security Bulletin: Open Source Dependency Vulnerability
Summary IBM Edge Application Manager 4.5 has resolved the vulnerability. Vulnerability Details CVEID:CVE-2021-35065 DESCRIPTION: Node.js glob-parent module is vulnerable to a denial of service, caused by an error in the enclosure regex. By sending a specially crafted string prepended with the...
glob-parent: Regular Expression Denial of Service
A vulnerability was found in the glob-parent package. Affected versions of this package are vulnerable to Regular expression Denial of Service ReDoS attacks, affecting system availability...
glob-parent: Regular Expression Denial of Service
A vulnerability was found in the glob-parent package. Affected versions of this package are vulnerable to Regular expression Denial of Service ReDoS attacks, affecting system availability...
golang: io/fs: stack exhaustion in Glob
A flaw was found in the golang standard library, io/fs. Calling Glob on a path that contains a large number of path separators can cause a panic issue due to stack exhaustion. This could allow an attacker to impact availability...
golang: path/filepath: stack exhaustion in Glob
A flaw was found in golang. Calling Glob on a path that contains a large number of path separators can cause a panic issue due to stack exhaustion. This can cause an attacker to impact availability...
SUSE CVE-2023-0341
A stack buffer overflow exists in the ecglob function of editorconfig-core-c before v0.12.6 which allowed an attacker to arbitrarily write to the stack and possibly allows remote code execution. editorconfig-core-c v0.12.6 resolved this vulnerability by bound checking all write operations over th...
glob-parent: Regular Expression Denial of Service
A vulnerability was found in the glob-parent package. Affected versions of this package are vulnerable to Regular expression Denial of Service ReDoS attacks, affecting system availability...
glob-parent: Regular Expression Denial of Service
A vulnerability was found in the glob-parent package. Affected versions of this package are vulnerable to Regular expression Denial of Service ReDoS attacks, affecting system availability...
nodejs:16 security, bug fix, and enhancement update
nodejs 1:16.19.1-1 - Rebase to 16.19.1 Resolves: rhbz2153713 Resolves: CVE-2023-23918 CVE-2023-23919 CVE-2023-23936 CVE-2023-24807 CVE-2023-23920 Resolves: CVE-2022-25881 CVE-2022-4904 nodejs-nodemon 2.0.20-3 - Patch bundled glob-parent Resolves: CVE-2021-35065...
Oracle Linux 8 : nodejs:18 (ELSA-2023-1583)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-1583 advisory. - Resolves: CVE-2022-25881, CVE-2022-4904, CVE-2023-23936, CVE-2023-24807 Tenable has extracted the preceding description block directly from the Oracl...
glob-parent: Regular Expression Denial of Service
A vulnerability was found in the glob-parent package. Affected versions of this package are vulnerable to Regular expression Denial of Service ReDoS attacks, affecting system availability...
glob-parent: Regular Expression Denial of Service
A vulnerability was found in the glob-parent package. Affected versions of this package are vulnerable to Regular expression Denial of Service ReDoS attacks, affecting system availability...