Lucene search
+L

8 matches found

ubuntucve
ubuntucve
added 2026/02/04 10:16 p.m.8 views

CVE-2026-25547

@isaacs/brace-expansion is a hybrid CJS/ESM TypeScript fork of brace-expansion. Prior to version 5.0.1, @isaacs/brace-expansion is vulnerable to a denial of service DoS issue caused by unbounded brace range expansion. When an attacker provides a pattern containing repeated numeric brace ranges, t...

9.2CVSS6.5AI score0.00481EPSS
Exploits0References2
ibm
ibm
added 2025/04/15 3:24 a.m.27 views

Security Bulletin: IBM Fusion HCI and IBM Fusion are vulnerable to denial of service due to Node.js, isaacs node-tar, ShowdownJS

Summary IBM Fusion HCI and IBM Fusion's graphical user interface are vulnerable to a denial of service due to Node.js, isaacs node-tar, and ShowdownJS. CVE-2024-4068, CVE-2024-28863, CVE-2024-1899. Vulnerability Details CVEID:CVE-2024-4068 DESCRIPTION: Node.js braces module is vulnerable to a...

7.5CVSS6.8AI score0.01471EPSS
Exploits3Affected Software3
ibm
ibm
added 2025/04/02 5:30 p.m.14 views

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to a denial of service in isaacs node-tar [CVE-2024-28863]

Summary IBM Watson Speech Services Cartridge is vulnerable to a denial of service in isaacs node-tar, caused by the lack of folders count validation CVE-2024-28863. Isaacs node-tar is used by our Speech utilities. This vulnerabilitiy has been addressed. Please read the details for remediation...

6.5CVSS7AI score0.00929EPSS
Exploits1Affected Software1
ibm
ibm
added 2025/04/02 5:28 p.m.9 views

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to a denial of service in isaacs node-tar [CVE-2024-28863]

Summary IBM Watson Speech Services Cartridge is vulnerable to a denial of service in isaacs node-tar, caused by the lack of folders count validation CVE-2024-28863. Isaacs node-tar is used by our Speech microservices. This vulnerabilitiy has been addressed. Please read the details for remediation...

6.5CVSS7AI score0.00929EPSS
Exploits1Affected Software1
redhat
redhat
added 2024/11/05 5:49 p.m.5 views

node-tar: denial of service while parsing a tar file due to lack of folders depth validation

A flaw was found in ISAACS's node-tar, where it is vulnerable to a denial of service, caused by the lack of folder count validation. The vulnerability exists due to the application not properly controlling the consumption of internal resources while parsing a tar file. By sending a specially...

6.5CVSS7.4AI score0.00929EPSS
Exploits1References6
redhat
redhat
added 2024/09/03 2:29 a.m.3 views

node-tar: denial of service while parsing a tar file due to lack of folders depth validation

A flaw was found in ISAACS's node-tar, where it is vulnerable to a denial of service, caused by the lack of folder count validation. The vulnerability exists due to the application not properly controlling the consumption of internal resources while parsing a tar file. By sending a specially...

6.5CVSS7.4AI score0.00929EPSS
Exploits1References6
redhat
redhat
added 2024/08/26 8:36 a.m.3 views

node-tar: denial of service while parsing a tar file due to lack of folders depth validation

A flaw was found in ISAACS's node-tar, where it is vulnerable to a denial of service, caused by the lack of folder count validation. The vulnerability exists due to the application not properly controlling the consumption of internal resources while parsing a tar file. By sending a specially...

6.5CVSS7.4AI score0.00929EPSS
Exploits1References6
ibm
ibm
added 2024/05/31 10:42 a.m.63 views

Security Bulletin: security vulnerabilities are addressed with IBM Business Automation Insights iFix for May 2024.

Summary Security vulnerabilities are addressed with IBM Business Automation Insights 23.0.2-IF005. Vulnerability Details CVEID:CVE-2024-29025 DESCRIPTION: Netty is vulnerable to a denial of service, caused by a flaw when using the HttpPostRequestDecoder to decode a form. By sending a specially...

7CVSS7.2AI score0.0138EPSS
Exploits2Affected Software1
Rows per page
Query Builder