SUSE CVE-2024-4068

🗓️ 16 May 2024 02:23:49Reported by Suse CVEType

susecve

susecve🔗 www.suse.com👁 1 Views

SUSE reports memory exhaustion in braces prior to 3.0.3 from imbalanced braces input.

Reporter	Title	Published	Views	Family All 167
IBM Security Bulletins	Security Bulletin: IBM Security QRadar EDR Software contains multiple vulnerabilities	8 Jul 202409:49	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Cognos Analytics Mobile (Android) is affected by multiple vulnerabilities	21 Oct 202415:52	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Node.js braces	29 Jul 202421:50	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Cognos Dashboards on Cloud Pak for Data has addressed security vulnerabilities	6 May 202519:09	–	ibm
IBM Security Bulletins	Security Bulletin: IBM QRadar Wincollect is using components with known vulnerabilities	9 Jul 202417:03	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities affect IBM Data Virtualization on Cloud Pak for Data (February 2025)	15 Apr 202503:52	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities fixed in IBM Security Verify Information Queue	5 Aug 202409:25	–	ibm
IBM Security Bulletins	Security Bulletin: IBM App Connect Enterprise is vulnerable to a denial of service due to Node.js micromatch & braces modules (CVE-2024-4067 & CVE-2024-4068)	14 Jun 202410:40	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities affect IBM Db2® on Cloud Pak for Data, and Db2 Warehouse on Cloud Pak for Data	15 Apr 202502:34	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to Node.js braces module denial of service vulnerability [ CVE-2024-4068]	28 Jan 202522:08	–	ibm

OS	OS Version	Architecture	Package	Package Version	Filename
SUSE Linux Enterprise Server	15.3	any	pgadmin4	4.30-150300.3.18.1	pgadmin4-4.30-150300.3.18.1.noarch.rpm
SUSE Linux Enterprise Server	15.4	any	pgadmin4	4.30-150300.3.18.1	pgadmin4-4.30-150300.3.18.1.noarch.rpm
SUSE Linux Enterprise Server	15.5	any	pgadmin4	4.30-150300.3.18.1	pgadmin4-4.30-150300.3.18.1.noarch.rpm
SUSE Linux Enterprise Server for SAP applications	15.3	any	pgadmin4	4.30-150300.3.18.1	pgadmin4-4.30-150300.3.18.1.noarch.rpm
SUSE Linux Enterprise Server for SAP applications	15.4	any	pgadmin4	4.30-150300.3.18.1	pgadmin4-4.30-150300.3.18.1.noarch.rpm
SUSE Linux Enterprise Server for SAP applications	15.5	any	pgadmin4	4.30-150300.3.18.1	pgadmin4-4.30-150300.3.18.1.noarch.rpm
OpenSUSE Leap	15.6	any	pgadmin4	8.5-150600.3.6.1	pgadmin4-8.5-150600.3.6.1.noarch.rpm
SUSE Linux Enterprise Desktop	15.6	any	pgadmin4	8.5-150600.3.6.1	pgadmin4-8.5-150600.3.6.1.noarch.rpm
SUSE Linux Enterprise Desktop	15.7	any	pgadmin4	8.5-150600.3.6.1	pgadmin4-8.5-150600.3.6.1.noarch.rpm
SUSE Linux Enterprise Server	15.6	any	pgadmin4	8.5-150600.3.6.1	pgadmin4-8.5-150600.3.6.1.noarch.rpm

Source	Link
suse	www.suse.com/security/cve/CVE-2024-4068
suse	www.suse.com/support/security/rating/
bugzilla	www.bugzilla.suse.com/1224256
lists	www.lists.suse.com/pipermail/sle-security-updates/2024-October/019689.html
lists	www.lists.suse.com/pipermail/sle-updates/2025-August/041215.html
lists	www.lists.suse.com/pipermail/sle-updates/2025-April/039030.html
lists	www.lists.opensuse.org/archives/list/[email protected]/thread/IL7QOYRPFRGRS6UKU6ZYHI76FWFFUJNK/

06 Jun 2026 04:18Current

7High risk

Vulners AI Score7

CVSS 3.17.5

EPSS0.01471

memory exhaustion braces vulnerability imbalanced braces parse.js issue node package braces