Home

CVE-2020-28469

Description

This affects the package glob-parent before 5.1.2. The enclosure regex used to check for strings ending in enclosure containing path separator.

Risk Information

Base Score
7.5
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
0.913

Associated Vulnerability

VulnerabilityOS Platform
Multiple Vulnerabilities are affected in IBM Cognos Analytics 11.1.6Windows
Multiple Vulnerabilities are affected in IBM Cognos Analytics 11.2.2Windows
(RHSA-2021:5171) nodejs:16 security, bug fix, and enhancement update nodejs-16.13.1-3.module+el8.5.0+13548+45d748af.x86_64.rpmLinux
(RHSA-2021:5171) nodejs:16 security, bug fix, and enhancement update nodejs-debugsource-16.13.1-3.module+el8.5.0+13548+45d748af.x86_64.rpmLinux
(RHSA-2021:5171) nodejs:16 security, bug fix, and enhancement update nodejs-devel-16.13.1-3.module+el8.5.0+13548+45d748af.x86_64.rpmLinux
(RHSA-2021:5171) nodejs:16 security, bug fix, and enhancement update nodejs-docs-16.13.1-3.module+el8.5.0+13548+45d748af.noarch.rpmLinux
(RHSA-2021:5171) nodejs:16 security, bug fix, and enhancement update nodejs-full-i18n-16.13.1-3.module+el8.5.0+13548+45d748af.x86_64.rpmLinux
(RHSA-2021:5171) nodejs:16 security, bug fix, and enhancement update nodejs-nodemon-2.0.15-1.module+el8.5.0+13548+45d748af.noarch.rpmLinux
(RHSA-2021:5171) nodejs:16 security, bug fix, and enhancement update nodejs-packaging-25-1.module+el8.5.0+10992+fac5fe06.noarch.rpmLinux
(RHSA-2021:5171) nodejs:16 security, bug fix, and enhancement update npm-8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.x86_64.rpmLinux
Nodejs update (ELSA-2021-5171) nodejs-16.13.1-3.0.1.module+el8.5.0+20457+52828f44.x86_64.rpmLinux
Nodejs-devel update (ELSA-2021-5171) nodejs-devel-16.13.1-3.0.1.module+el8.5.0+20457+52828f44.x86_64.rpmLinux
Nodejs-docs update (ELSA-2021-5171) nodejs-docs-16.13.1-3.0.1.module+el8.5.0+20457+52828f44.noarch.rpmLinux
Nodejs-full-i18n update (ELSA-2021-5171) nodejs-full-i18n-16.13.1-3.0.1.module+el8.5.0+20457+52828f44.x86_64.rpmLinux
Nodejs-nodemon update (ELSA-2021-5171) nodejs-nodemon-2.0.15-1.module+el8.5.0+20457+52828f44.noarch.rpmLinux
Nodejs-packaging update (ELSA-2021-5171) nodejs-packaging-25-1.module+el8.5.0+20388+4b61e68d.noarch.rpmLinux
Npm update (ELSA-2021-5171) npm-8.1.2-1.16.13.1.3.0.1.module+el8.5.0+20457+52828f44.x86_64.rpmLinux
Nodejs update (ELSA-2022-0350) nodejs-14.18.2-2.module+el8.5.0+20489+261d51d3.x86_64.rpmLinux
Nodejs-devel update (ELSA-2022-0350) nodejs-devel-14.18.2-2.module+el8.5.0+20489+261d51d3.x86_64.rpmLinux
Nodejs-docs update (ELSA-2022-0350) nodejs-docs-14.18.2-2.module+el8.5.0+20489+261d51d3.noarch.rpmLinux
Nodejs-full-i18n update (ELSA-2022-0350) nodejs-full-i18n-14.18.2-2.module+el8.5.0+20489+261d51d3.x86_64.rpmLinux
Nodejs-nodemon update (ELSA-2022-0350) nodejs-nodemon-2.0.15-1.module+el8.5.0+20489+261d51d3.noarch.rpmLinux
Nodejs-packaging update (ELSA-2022-0350) nodejs-packaging-23-3.module+el8.3.0+7818+6cd30d85.noarch.rpmLinux
Npm update (ELSA-2022-0350) npm-6.14.15-1.14.18.2.2.module+el8.5.0+20489+261d51d3.x86_64.rpmLinux
(RHSA-2022:0350) nodejs:14 security, bug fix, and enhancement update nodejs-14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64.rpmLinux
(RHSA-2022:0350) nodejs:14 security, bug fix, and enhancement update nodejs-debugsource-14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64.rpmLinux
(RHSA-2022:0350) nodejs:14 security, bug fix, and enhancement update nodejs-devel-14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64.rpmLinux
(RHSA-2022:0350) nodejs:14 security, bug fix, and enhancement update nodejs-docs-14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch.rpmLinux
(RHSA-2022:0350) nodejs:14 security, bug fix, and enhancement update nodejs-full-i18n-14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64.rpmLinux
(RHSA-2022:0350) nodejs:14 security, bug fix, and enhancement update nodejs-nodemon-2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch.rpmLinux
(RHSA-2022:0350) nodejs:14 security, bug fix, and enhancement update npm-6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64.rpmLinux
Nodejs update (ELSA-2022-6595) nodejs-16.16.0-1.el9_0.x86_64.rpmLinux
Nodejs-docs update (ELSA-2022-6595) nodejs-docs-16.16.0-1.el9_0.noarch.rpmLinux
Nodejs-full-i18n update (ELSA-2022-6595) nodejs-full-i18n-16.16.0-1.el9_0.x86_64.rpmLinux
Nodejs-libs update (ELSA-2022-6595) nodejs-libs-16.16.0-1.el9_0.i686.rpmLinux
Nodejs-libs update (ELSA-2022-6595) nodejs-libs-16.16.0-1.el9_0.x86_64.rpmLinux
Nodejs-nodemon update (ELSA-2022-6595) nodejs-nodemon-2.0.19-1.el9_0.noarch.rpmLinux
Npm update (ELSA-2022-6595) npm-8.11.0-1.16.16.0.1.el9_0.x86_64.rpmLinux
(RHSA-2022:6595) nodejs and nodejs-nodemon security and bug fix update nodejs-16.16.0-1.el9_0.x86_64.rpmLinux
(RHSA-2022:6595) nodejs and nodejs-nodemon security and bug fix update nodejs-debugsource-16.16.0-1.el9_0.i686.rpmLinux
(RHSA-2022:6595) nodejs and nodejs-nodemon security and bug fix update nodejs-debugsource-16.16.0-1.el9_0.x86_64.rpmLinux
(RHSA-2022:6595) nodejs and nodejs-nodemon security and bug fix update nodejs-docs-16.16.0-1.el9_0.noarch.rpmLinux
(RHSA-2022:6595) nodejs and nodejs-nodemon security and bug fix update nodejs-full-i18n-16.16.0-1.el9_0.x86_64.rpmLinux
(RHSA-2022:6595) nodejs and nodejs-nodemon security and bug fix update nodejs-libs-16.16.0-1.el9_0.i686.rpmLinux
(RHSA-2022:6595) nodejs and nodejs-nodemon security and bug fix update nodejs-libs-16.16.0-1.el9_0.x86_64.rpmLinux
(RHSA-2022:6595) nodejs and nodejs-nodemon security and bug fix update nodejs-nodemon-2.0.19-1.el9_0.noarch.rpmLinux
(RHSA-2022:6595) nodejs and nodejs-nodemon security and bug fix update npm-8.11.0-1.16.16.0.1.el9_0.x86_64.rpmLinux
Uncontrolled Resource Consumption Vulnerability (CVE-2020-28469)NCM

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234