DoS (Denial of Service) minimatch Dependency in Jira Software Data Center and Server

This High severity DoS Denial of Service vulnerability known as CVE-2022-3517 was introduced in 10.3.13 of Jira Software Data Center and Server. This vulnerability with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H allows an unauthenticated attacker to take...

EUVD-2022-7089

Malicious code in bioql PyPI...

Security Bulletin: IBM Storage Fusion Data Foundation is vulnerable to minimatch in management-console (CVE-2022-3517)

Summary minimatch package is used by IBM Storage Fusion Data Foundation in management-console. The product may be vulnerable to DOS by calling the braceExpand function with specific arguments. This bulletin identifies the steps to take to address the vulnerability in IBM Storage Fusion Data...

Linux Distros Unpatched Vulnerability : CVE-2022-3517

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in the minimatch package. This flaw allows a Regular Expression Denial of Service ReDoS when calling the braceExpand function with...

Atlassian Confluence 7.19.x < 7.19.29 / 7.20.x < 8.5.17 / 8.6.x < 8.9.8 / 9.0.x < 9.1.0 / 9.2.0 (CONFSERVER-98300)

The version of Atlassian Confluence Server running on the remote host is affected by a vulnerability as referenced in the CONFSERVER-98300 advisory. - A vulnerability was found in the minimatch package. This flaw allows a Regular Expression Denial of Service ReDoS when calling the braceExpand...

Rocky Linux 9 : nodejs:18 (RLSA-2022:8832)

The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:8832 advisory. - A vulnerability was found in the minimatch package. This flaw allows a Regular Expression Denial of Service ReDoS when calling the braceExpand functio...

SUSE CVE-2022-3517

A vulnerability was found in the minimatch package. This flaw allows a Regular Expression Denial of Service ReDoS when calling the braceExpand function with specific arguments, resulting in a Denial of Service...

Oracle Linux 9 : 18 (ELSA-2022-8832)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-8832 advisory. nodejs 1:18.12.1-1 - Rebase + CVEs - Resolves: 2142809 - Resolves: 2142830, 2142856 nodejs-nodemon 2.0.20-1 - Rebase to 2.0.20 Resolves: CVE-2022-3517...

Oracle Linux 8 : nodejs:18 (ELSA-2022-8833)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-8833 advisory. - Rebase to version 18.12.1 Resolves: rhbz2125580 CVE-2022-43548 CVE-2022-3517 - Rebase to version 18.9.1 Resolves: CVE-2022-35255 CVE-2022-35256...

CVE-2022-3517

A vulnerability was found in the minimatch package. This flaw allows a Regular Expression Denial of Service ReDoS when calling the braceExpand function with specific arguments, resulting in a Denial of Service...

CVE-2022-3517

A vulnerability was found in the minimatch package. This flaw allows a Regular Expression Denial of Service ReDoS when calling the braceExpand function with specific arguments, resulting in a Denial of Service...

Denial of service

A vulnerability was found in the minimatch package. This flaw allows a Regular Expression Denial of Service ReDoS when calling the braceExpand function with specific arguments, resulting in a Denial of Service...

CVE-2022-3517

A vulnerability was found in the minimatch package. This flaw allows a Regular Expression Denial of Service ReDoS when calling the braceExpand function with specific arguments, resulting in a Denial of Service...

CVE-2022-3517

A vulnerability was found in the minimatch package. This flaw allows a Regular Expression Denial of Service ReDoS when calling the braceExpand function with specific arguments, resulting in a Denial of Service...

CVE-2022-3517

CVE-2022-3517 corresponds to a minimatch ReDoS vulnerability in braceExpand. The issue is triggered by specific braceExpand inputs, enabling a Denial of Service with CVSS 3.1 v3.1 base score 7.5 (HIGH). Connected Atlassian Jira entries describe a DoS impact in Jira Software/Data Center, Server (1...