Lucene search
RedhatCVELIST:CVE-2022-3517HistoryOct 17, 2022 - 12:00 a.m.
CVE-2022-3517
2022-10-1700:00:00
CWE-400
redhat
www.cve.org
2
vulnerability
minimatch package
redos
braceexpand function
dos
A vulnerability was found in the minimatch package. This flaw allows a Regular Expression Denial of Service (ReDoS) when calling the braceExpand function with specific arguments, resulting in a Denial of Service.
CNA Affected
[
{
"vendor": "n/a",
"product": "minimatch",
"versions": [
{
"version": "minimatch versions prior to 3.0.5",
"status": "affected"
}
]
}
]References
github.com/grafana/grafana-image-renderer/issues/329
github.com/isaacs/minimatch/commit/a8763f4388e51956be62dc6025cec1126beeb5e6
lists.debian.org/debian-lts-announce/2023/01/msg00011.html
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MTEUUTNIEBHGKUKKLNUZSV7IEP6IP3Q3/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UM6XJ73Q3NAM5KSGCOKJ2ZIA6GUWUJLK/
Related
nessus
nessus
Ubuntu 18.04 LTS / 20.04 LTS : minimatch vulnerability (USN-6086-1)
2023-05-18 00:00:00
RHEL 6 : nodejs-minimatch (Unpatched Vulnerability)
2024-05-11 00:00:00
RHEL 7 : nodejs-minimatch (Unpatched Vulnerability)
2024-05-11 00:00:00
ibm
ibm
Security Bulletin: Automation Assets in IBM Cloud Pak for Integration is vulnerable to denial of service due to minimatch CVE-2022-3517
2023-01-30 15:06:37
debiancve
debiancve
CVE-2022-3517
2022-10-17 20:15:09
redos
redos
ROS-20230504-03
2023-05-04 00:00:00
osv
osv
node-minimatch vulnerability
2023-05-18 08:22:39
minimatch ReDoS vulnerability
2022-10-18 12:00:32
node-minimatch - security update
2023-01-15 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-6086-1)
2023-05-19 00:00:00
Debian: Security Advisory (DLA-3271-1)
2023-01-16 00:00:00
Fedora: Security Advisory for yarnpkg (FEDORA-2023-ce8943223c)
2023-01-22 00:00:00
nvd
nvd
CVE-2022-3517
2022-10-17 20:15:09
debian
debian
[SECURITY] [DLA 3271-1] node-minimatch security update
2023-01-15 15:25:44
ubuntucve
ubuntucve
CVE-2022-3517
2022-10-17 00:00:00
cve
cve
CVE-2022-3517
2022-10-17 20:15:09
prion
prion
Denial of service
2022-10-17 20:15:00
ubuntu
ubuntu
minimatch vulnerability
2023-05-18 00:00:00
veracode
veracode
Regular Expression Denial Of Service (ReDoS)
2022-11-16 23:15:34
github
github
minimatch ReDoS vulnerability
2022-10-18 12:00:32
redhatcve
redhatcve
CVE-2022-3517
2022-10-14 19:28:54
almalinux
almalinux
Moderate: nodejs:18 security, bug fix, and enhancement update
2022-12-06 00:00:00
Moderate: nodejs:18 security, bug fix, and enhancement update
2022-12-06 00:00:00
oraclelinux
oraclelinux
nodejs:18 security, bug fix, and enhancement update
2022-12-09 00:00:00
nodejs:18 security, bug fix, and enhancement update
2022-12-08 00:00:00
nodejs and nodejs-nodemon security, bug fix, and enhancement update
2023-01-24 00:00:00
rocky
rocky
nodejs:18 security, bug fix, and enhancement update
2022-12-06 15:25:25
nodejs:18 security, bug fix, and enhancement update
2022-12-06 15:25:28
nodejs and nodejs-nodemon security, bug fix, and enhancement update
2023-01-23 14:30:11
redhat
redhat
fedora
fedora
[SECURITY] Fedora 37 Update: yarnpkg-1.22.19-3.fc37
2023-01-21 03:34:16
[SECURITY] Fedora 36 Update: yarnpkg-1.22.19-3.fc36
2023-01-21 03:43:23