Lucene search
K

6 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/05/04 2:5 p.m.10 views

Security Bulletin: There is a vulnerability in path-to-regexp-0.1.12.tgz used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2026-4867)

Summary There is a vulnerability in path-to-regexp-0.1.12.tgz used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2026-4867 DESCRIPTION: Impact: A bad regular expression is generated any time you have three or more parameters within a single...

7.5CVSS5.8AI score0.00496EPSS
Exploits0Affected Software1
OSV
OSV
added 2026/03/27 8:4 p.m.3 views

GHSA-37CH-88JC-XWX2 path-to-regexp vulnerable to Regular Expression Denial of Service via multiple route parameters

Impact A bad regular expression is generated any time you have three or more parameters within a single segment, separated by something that is not a period .. For example, /:a-:b-:c or /:a-:b-:c-:d. The backtrack protection added in [email protected] only prevents ambiguity for two parameter...

7.5CVSS5.9AI score0.00932EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/03/26 4:16 p.m.26 views

CVE-2026-4867 path-to-regexp vulnerable to Regular Expression Denial of Service via multiple route parameters

Impact: A bad regular expression is generated any time you have three or more parameters within a single segment, separated by something that is not a period .. For example, /:a-:b-:c or /:a-:b-:c-:d. The backtrack protection added in [email protected] only prevents ambiguity for two...

7.5CVSS0.00496EPSS
Exploits0References3
CVE
CVE
added 2026/03/26 4:16 p.m.49 views

CVE-2026-4867

CVE-2026-4867 affects the path-to-regexp library. When three or more parameters occur within a single segment (e.g., /:a-:b-:c or /:a-:b-:c-:d) a bad regular expression is generated, and the backtrack protection added in [email protected] only guards two parameters. As a result, lookaheads ca...

7.5CVSS5.9AI score0.00496EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/26 4:16 p.m.20 views

CVE-2026-4867 path-to-regexp vulnerable to Regular Expression Denial of Service via multiple route parameters

Impact: A bad regular expression is generated any time you have three or more parameters within a single segment, separated by something that is not a period .. For example, /:a-:b-:c or /:a-:b-:c-:d. The backtrack protection added in [email protected] only prevents ambiguity for two...

7.5CVSS5.9AI score0.00496EPSS
Exploits0References3
OSV
OSV
added 2026/03/26 4:16 p.m.2 views

CVE-2026-4867 path-to-regexp vulnerable to Regular Expression Denial of Service via multiple route parameters

Impact: A bad regular expression is generated any time you have three or more parameters within a single segment, separated by something that is not a period .. For example, /:a-:b-:c or /:a-:b-:c-:d. The backtrack protection added in [email protected] only prevents ambiguity for two...

7.5CVSS6.7AI score0.00932EPSS
Exploits0References5
Rows per page
Query Builder