What is CVE-2022-3517?

A high-severity Regular Expression Denial of Service (ReDoS) vulnerability has been identified in the Minimatch package. Organizations using affected versions should prioritize remediation to mitigate potential service disruptions.

What is the severity of CVE-2022-3517?

CVE-2022-3517 has a severity rating of HIGH with a CVSS base score of 7.5.

CVE-2022-3517 | High Vulnerability in Minimatch Package

A vulnerability was found in the minimatch package. This flaw allows a Regular Expression Denial of Service (ReDoS) when calling the braceExpand function with specific arguments, resulting in a Denial of Service. The CVSS score of 7.5 indicates a high severity, meaning that the risk to organizations includes potential service unavailability.

This vulnerability is particularly concerning because it can be exploited without requiring any privileges or user interaction. Attackers may leverage this vulnerability to disrupt services by causing excessive resource consumption.

Given the potential impact, organizations should prioritize patching immediately. The vulnerability affects multiple configurations, including the Debian and Fedora systems.

Understanding the exploitability of this vulnerability is critical. As of now, there is no known public exploit, but the nature of the vulnerability should prompt swift action from security teams.

Vulnerability Details

The vulnerability in the minimatch package is classified under CWE-400 (Uncontrolled Resource Consumption) and CWE-1333 (Improper Handling of Length of Input). The flaw has a CVSS 3.1 vector string of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H, indicating a network attack vector with low complexity and high availability impact.

This vulnerability affects various versions of the minimatch package and is specifically noted to impact Debian Linux 10.0 and Fedora versions 36 and 37.

The CVE was published on October 17, 2022, and its last modification was on May 13, 2025.

Technical Analysis

The root cause of the vulnerability lies in the minimatch package's braceExpand function, which can be exploited under specific conditions. The attack vector is network-based, and the complexity of the attack is low, making it accessible to a wide range of potential attackers.

No privileges are required to exploit this vulnerability, and user interaction is not necessary. The impact on availability is high, as successful exploitation can lead to service outages.

Risk & Impact Analysis

Real-world deployment of the minimatch package can expose organizations to significant risk, especially if the package is used in critical applications. The potential for service disruption necessitates immediate attention from security teams.

With the CVSS score of 7.5, this vulnerability falls into the high severity category, indicating that organizations should address it in their priority patch cycle.

The blast radius is potentially extensive, as many systems rely on the minimatch package for various functionalities. Organizations that fail to address this vulnerability may face service interruptions and increased operational costs.

Exploitation Status

Signal	Status
Known Exploit	No
Public PoC	No
Actively Exploited	No
Ransomware Use	No

Affected Versions

The affected versions of the minimatch package are all versions prior to 3.0.5. Additionally, the Debian Linux version 10.0 and Fedora versions 36 and 37 are also vulnerable.

Mitigation & Remediation

Organizations should prioritize updating the minimatch package to version 3.0.5 or later. In cases where immediate patching is not possible, consider applying configuration hardening and network controls to mitigate the risk.

Monitoring for unusual patterns in resource usage can also help detect attempts to exploit this vulnerability. Regular security assessments and penetration testing can further bolster defenses against potential attacks.

Penetration testing services can validate the effectiveness of applied remediation measures.

Detection Guidance

Monitor logs for unusual patterns that may indicate exploitation attempts, such as excessive resource consumption or repeated calls to the braceExpand function.

Behavioral anomalies in application performance can also serve as indicators of a potential attack.

AppSecure Threat Intelligence Insight

The long-term significance of this vulnerability lies in its capacity to disrupt services without requiring sophisticated techniques. This trend highlights the need for continuous monitoring and proactive security measures.

Security teams should learn from this incident to improve their vulnerability management practices and ensure timely updates of third-party components.

For further insights on effective security practices, organizations can explore our resources on vulnerability management programs and penetration testing methodologies to strengthen their defenses.

Organizations should also consider the benefits of API security assessments to identify similar weaknesses in their systems.

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

CVE ID	Title	Severity	Vulnerability Type	Published
CVE-2025-65418	CVE-2025-65418: High Vulnerability in docuFORM Managed Print Service Client	HIGH	Path Traversal	May 11, 2026
CVE-2025-65417	CVE-2025-65417: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	XSS	May 11, 2026
CVE-2025-65416	CVE-2025-65416: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Unrestricted File Upload	May 11, 2026
CVE-2025-65415	CVE-2025-65415: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Session Fixation	May 11, 2026
CVE-2025-61314	CVE-2025-61314: High Vulnerability in GmbH Mecury Managed Print Services	HIGH	XSS	May 11, 2026

CVE-2022-3517: High Vulnerability in Minimatch Package