Security Bulletin: MongoDB Enterprised Advanced affected by: Inefficient Algorithmic Complexity (CVE-2026-27903, CVE-2026-27904)

Summary There are vulnerabilities in minimatch-9.0.1.tgz used in MongoDB Enterprised Advanced for IBM, involving CVE-2026-27903, CVE-2026-27904. The vulnerability has/vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2026-27903 DESCRIPTION: minimatch is a minimal matching utili...

Inefficient Algorithmic Complexity

Overview Affected versions of this package are vulnerable to Inefficient Algorithmic Complexity through the processing of a specially crafted file of approximately 2 MiB in size. An attacker can cause significant delays in processing by submitting such a file. Remediation There is no fixed versio...

Inefficient Algorithmic Complexity

Overview Affected versions of this package are vulnerable to Inefficient Algorithmic Complexity due to an inefficient algorithmic complexity issue in the mjson parsing library when analyzing JSON content, such as with the jsonquery or jwtpayloadquery function. An attacker can cause resource...

GitLab 9.4 < 17.4.6 / 17.5 < 17.5.4 / 17.6 < 17.6.2 (CVE-2024-8233)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - Inefficient Algorithmic Complexity in GitLab CVE-2024-8233 Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL...

CVE-2024-11828

GitLab CVE-2024-11828 affects GitLab CE/EE; DoS via crafted API calls across versions 13.2.4 up to before 17.4.5, 17.5 up to before 17.5.3, and 17.6 up to before 17.6.1. Root cause is a regression of an earlier patch leading to availability impact when processing API requests. Practical impact is...

CVE-2024-11828 Inefficient Algorithmic Complexity in GitLab

A denial of service DoS condition was discovered in GitLab CE/EE affecting all versions from 13.2.4 before 17.4.5, 17.5 before 17.5.3, and 17.6 before 17.6.1. By leveraging this vulnerability an attacker could create a DoS condition by sending crafted API calls. This was a regression of an earlie...

CVE-2024-8177 Inefficient Algorithmic Complexity in GitLab

An issue was discovered in GitLab CE/EE affecting all versions starting from 15.6 prior to 17.4.5, starting from 17.5 prior to 17.5.3, starting from 17.6 prior to 17.6.1 which could cause Denial of Service via integrating a malicious harbor registry...

CVE-2024-8177

CVE-2024-8177 affects GitLab CE/EE versions 15.6–17.4.5, 17.5–17.5.3, and 17.6–17.6.1, and could cause a Denial of Service when integrating a malicious Harbor registry. The connected docs provide this vulnerability description but do not include exploitation details or patch/mitigation specifics.

CVE-2024-8177 Inefficient Algorithmic Complexity in GitLab

An issue was discovered in GitLab CE/EE affecting all versions starting from 15.6 prior to 17.4.5, starting from 17.5 prior to 17.5.3, starting from 17.6 prior to 17.6.1 which could cause Denial of Service via integrating a malicious harbor registry...

CVE-2024-8237 Inefficient Algorithmic Complexity in GitLab

A Denial of Service DoS issue has been discovered in GitLab CE/EE affecting all versions prior to 12.6 prior to 17.4.5, 17.5 prior to 17.5.3, and 17.6 prior to 17.6.1. An attacker could cause a denial of service with a crafted cargo.toml file...

CVE-2024-8237 Inefficient Algorithmic Complexity in GitLab

A Denial of Service DoS issue has been discovered in GitLab CE/EE affecting all versions prior to 12.6 prior to 17.4.5, 17.5 prior to 17.5.3, and 17.6 prior to 17.6.1. An attacker could cause a denial of service with a crafted cargo.toml file...

CVE-2024-8237

GitLab CVE-2024-8237 affects GitLab CE/EE with a DoS vulnerability triggered by a crafted cargo.toml. All versions prior to 12.6, and specifically prior to 17.4.5 in the 12.6 branch, prior to 17.5.3 in the 17.5 line, and prior to 17.6.1 in the 17.6 line, are affected. The public descriptions cons...

BIT-MODSECURITY2-2023-38285

Trustwave ModSecurity 3.x before 3.0.10 has Inefficient Algorithmic Complexity...

BIT-MODSECURITY-2023-38285

Trustwave ModSecurity 3.x before 3.0.10 has Inefficient Algorithmic Complexity...

GHSA-HFJ8-63C8-RMFW Duplicate Advisory: Inefficient Algorithmic Complexity in com.upokecenter:cbor

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-36p8-mvp6-cv38. This link is maintained to preserve external references. Original Description Inefficient algorithmic complexity in DecodeFromBytes function in com.upokecenter.cbor Java implementation of Concise...

Duplicate Advisory: Inefficient Algorithmic Complexity in com.upokecenter:cbor

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-36p8-mvp6-cv38. This link is maintained to preserve external references. Original Description Inefficient algorithmic complexity in DecodeFromBytes function in com.upokecenter.cbor Java implementation of Concise...

CVE-2024-23684 upokecenter CBOR Denial of Service

Inefficient algorithmic complexity in DecodeFromBytes function in com.upokecenter.cbor Java implementation of Concise Binary Object Representation CBOR versions 4.0.0 to 4.5.1 allows an attacker to cause a denial of service by passing a maliciously crafted input. Depending on an application's use...

SUSE CVE-2023-38285

Trustwave ModSecurity 3.x before 3.0.10 has Inefficient Algorithmic Complexity...

Code injection

Trustwave ModSecurity 3.x before 3.0.10 has Inefficient Algorithmic Complexity...

UBUNTU-CVE-2023-38285

Trustwave ModSecurity 3.x before 3.0.10 has Inefficient Algorithmic Complexity...