Security Bulletin: IBM Spectrum Discover is vulnerable to multiple vulnerabilities

Summary

IBM has addressed multiple vulnerabilities in IBM Spectrum Discover. Webpack loader-utils [CVE-2022-37601] is vulnerable to execute arbitrary code on the system caused by a pollution flaw in parseQuery function. OpenStack Keystone [CVE-2021-3563] is vulnerable to bypass security restriction attack caused by an issue in application secret. UltraJSON ujson [CVE-2022-31117, CVE-2022-31116] is vulnerable to a denial of service attacks caused by an improper handling for characters and a double free flaw while reallocating the buffer. Moment [CVE-2022-31129, CVE-2022-24785] is vulnerable to a denial of service and to traverse directories on the system, caused by inefficient regular expression complexity and by improper validation of user supplied input. Node.js dicer module [CVE-2022-24434] is vulnerable to a denial of service by sending a specially-crafted form to server. Python [CVE-2022-45061, CVE-2020-10735] is vulnerable to a denial of service, caused by an unnecessary quadratic algorithm exists in one path when processing some inputs and by the failure to limit amount of digits converting text to int by the int() type in PyLong_FromString(). Python Charmers Future [CVE-2022-40899] is vulnerable to a denial of service, caused by improper input validation. Auth0 jsonwebtoken [CVE-2022-23541, CVE-2022-23539, CVE-2022-23529, CVE-2022-23540] is vulnerable to bypass security restrictions and to execute arbitrary code on the system, caused by an insecure implementation and improper input validations. Python cryptography use OpenSSL [CVE-2023-0286] is vulnerable to a denial of service, caused by a type confusion error related to X.400 address processing inside an X.509 GeneralName. decode-uri-component [CVE-2022-38900] is vulnerable to a denial of service, caused by improper input validation by the decodeComponents function. QS Express.js [CVE-2022-24999] is vulnerable to a denial of service, caused by a prototype pollution flaw in qs. Werkzeug [CVE-2023-25577, CVE-2023-23934] is vulnerable to bypass security restrictions, is vulnerable to a denial of service and is vulnerable to HTTP request smuggling, caused by improper input validation, by a flaw when parsing multipart form data with many fields and by improper parsing of HTTP requests. Node.js node-fetch module [CVE-2022-2596] is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw in the isOriginPotentiallyTrustworthy() function in the referrer.js script. Flask [CVE-2023-30861] is vulnerable to obtain sensitive information, caused by missing Vary: Cookie header. JSON5 [CVE-2022-46175] is vulnerable to execute arbitrary code on the system, caused by a prototype pollution flaw in the parse method. Python Packaging Authority (PyPA) Wheel [CVE-2022-40898] is vulnerable to a denial of service, caused by incorrect use of WHEEL_INFO_RE regular expression to cause a denial of service. PyJWT [CVE-2022-29217] is vulnerable to bypass security restrictions, caused by the key confusion through non-blocklisted public key formats. Zlib [CVE-2018-25032] is vulnerable to a denial of service, caused by a memory corruption in the deflate operation. pytest-dev py [CVE-2022-42969] is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw by the InfoSvnCommand argument. Protobuf [CVE-2022-1941] is vulnerable to a denial of service, caused by a parsing vulnerability for the MessageSet type in the ProtocolBuffers. d3-color(212233) is vulnerable to a denial of service, caused by improper input validation. python-requests [CVE-2023-32681] is vulnerable to obtain sensitive information, caused by the leaking of Proxy-Authorization headers to destination servers during redirects to an HTTPS origin. Pypa Setuptools [CVE-2022-40897] is vulnerable to a denial of service, caused by improper input validation. Node.js ua-parser-js module [CVE-2022-25927] is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw. Node.js npm module [CVE-2022-29244] is vulnerable to obtain sensitive information, caused by an issue with ignoring root-level .gitignore & .npmignore file exclusion directives when run in a workspace or with a workspace flag. Certifi [CVE-2022-23491] have an unspecified error in with TrustCor’s ownership also operated a business that produced spyware in Certifi has an unknown impact and attack vector. PyPI cryptography package [CVE-2023-23931] is vulnerable to bypass security restrictions, caused by a memory corruption in Cipher.update_into. Sqlalchemy mako [CVE-2022-40023] is vulnerable to a denial of service, caused by a regular expression denial of service when using the Lexer class to parse. OAuthlib [CVE-2022-36087] is vulnerable to a denial of service, caused by improper input validation. Node.js got module [CVE-2022-33987] is vulnerable to bypass security restrictions, caused by an unspecified, by sending a specially-crafted request. Tornado [CVE-2023-28370] is vulnerable to conduct phishing attacks, caused by an open redirect vulnerability. Node.js express-fileupload module [CVE-2022-27140, CVE-2022-27261] is vulnerable to upload arbitrary files and to overwrite arbitrary files, caused by the improper validation of file extensions by the file upload module and by insufficient validation of user input.

Vulnerability Details

CVEID:CVE-2022-33987
**DESCRIPTION:**Node.js got module could allow a remote attacker to bypass security restrictions, caused by an unspecified. By sending a specially-crafted request, an attacker could exploit this vulnerability to perform a redirect to a UNIX socket.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/229246 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)

CVEID:CVE-2022-1941
**DESCRIPTION:**protobuf is vulnerable to a denial of service, caused by a parsing vulnerability for the MessageSet type in the ProtocolBuffers. By sending a specially crafted message with multiple key-value per elements, a remote attacker could exploit this vulnerability to cause a crash.
CVSS Base score: 5.7
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/237081 for the current score.
CVSS Vector: (CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)

CVEID:CVE-2022-40898
**DESCRIPTION:**Python Packaging Authority (PyPA) Wheel is vulnerable to a denial of service. A remote attacker could exploit this vulnerability using the WHEEL_INFO_RE regular expression to cause a denial of service.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/243027 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:CVE-2022-29217
**DESCRIPTION:**PyJWT could allow a remote attacker to bypass security restrictions, caused by the key confusion through non-blocklisted public key formats. By sending a specially-crafted request, an attacker could exploit this vulnerability to choose the used signing algorithm.
CVSS Base score: 7.4
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/227222 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N)

CVEID:CVE-2022-36087
**DESCRIPTION:**OAuthlib is vulnerable to a denial of service, caused by improper input validation. By sending a specially-crafted request using IPV6 URI, a remote authenticated attacker could exploit this vulnerability to cause a denial of service condition.
CVSS Base score: 5.7
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/235780 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H)

CVEID:CVE-2018-25032
**DESCRIPTION:**Zlib is vulnerable to a denial of service, caused by a memory corruption in the deflate operation. By using many distant matches, a remote attacker could exploit this vulnerability to cause the application to crash.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/222615 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:CVE-2022-46175
**DESCRIPTION:**JSON5 could allow a remote authenticated attacker to execute arbitrary code on the system, caused by a prototype pollution flaw in the parse method. By adding or modifying properties of Object.prototype using a proto or constructor payload, an attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service condition on the system.
CVSS Base score: 7.1
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/242965 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:H)

CVEID:CVE-2023-32681
**DESCRIPTION:**python-requests could allow a remote attacker to obtain sensitive information, caused by the leaking of Proxy-Authorization headers to destination servers during redirects to an HTTPS origin. By persuading a victim to click on a specially crafted URL, an attacker could exploit this vulnerability to obtain sensitive information.
CVSS Base score: 6.1
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/256114 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N)

CVEID:CVE-2022-31117
**DESCRIPTION:**UltraJSON is vulnerable to a denial of service, caused by a double free flaw while reallocating the buffer for string decoding. By sending a specially-crafted input, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CVSS Base score: 5.9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/230460 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:CVE-2022-31116
**DESCRIPTION:**UltraJSON is vulnerable to a denial of service, caused by improper handling of invalid surrogate pair characters. By sending a specially-crafted input, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/230458 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:CVE-2022-45061
**DESCRIPTION:**Python is vulnerable to a denial of service, caused by an unnecessary quadratic algorithm exists in one path when processing some inputs to the IDNA (RFC 3490) decoder. By sending a specially-crafted input, a remote attacker could exploit this vulnerability to cause a CPU denial of service condition.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/240593 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:CVE-2022-37601
**DESCRIPTION:**webpack loader-utils could allow a remote attacker to execute arbitrary code on the system, caused by a prototype pollution flaw in the parseQuery function in parseQuery.js. By adding or modifying properties of Object.prototype using a proto or constructor payload, an attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service condition on the system.
CVSS Base score: 9.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/238763 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

CVEID:CVE-2022-24434
**DESCRIPTION:**Node.js dicer module is vulnerable to a denial of service. By sending a specially-crafted form to server, a remote attacker could exploit this vulnerability to crash the node.js service.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/227085 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:CVE-2023-0286
**DESCRIPTION:**OpenSSL is vulnerable to a denial of service, caused by a type confusion error related to X.400 address processing inside an X.509 GeneralName. By passing arbitrary pointers to a memcmp call, a remote attacker could exploit this vulnerability to read memory contents or cause a denial of service.
CVSS Base score: 8.2
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/246611 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H)

CVEID:CVE-2022-23541
**DESCRIPTION:**Auth0 jsonwebtoken could allow a remote authenticated attacker to bypass security restrictions, caused by an insecure implementation of key retrieval function. By sending a specially-crafted request, an attacker could exploit this vulnerability to forge Public/Private Tokens from RSA to HMAC.
CVSS Base score: 5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/242966 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L)

CVEID:CVE-2022-23539
**DESCRIPTION:**Auth0 jsonwebtoken could provide weaker than expected security, caused by an unrestricted key type issue. A remote authenticated attacker could exploit this vulnerability to allow legacy keys usage and launch further attacks on the system.
CVSS Base score: 5.9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/242968 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:N)

CVEID:CVE-2022-23529
**DESCRIPTION:**Auth0 jsonwebtoken could allow a remote authenticated attacker to execute arbitrary code on the system, caused by improper input validation by the jwt.verify function. By sending a specially-crafted request using the key retrieval parameter, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/242967 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H)

CVEID:CVE-2022-23540
**DESCRIPTION:**Auth0 jsonwebtoken could allow a remote authenticated attacker to bypass security restrictions, caused by an insecure default algorithm flaw in the jwt.verify() function. By sending a specially-crafted request, an attacker could exploit this vulnerability to bypass signature validation.
CVSS Base score: 6.4
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/242969 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:L)

CVEID:CVE-2022-40899
**DESCRIPTION:**Python Charmers Future is vulnerable to a denial of service, caused by improper input validation. By sending crafted Set-Cookie header from malicious web server, an remote attacker could exploit this vulnerability to cause a denial of service.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/243065 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:CVE-2022-40023
**DESCRIPTION:**Sqlalchemy mako is vulnerable to a denial of service, caused by a regular expression denial of service when using the Lexer class to parse. By sending a victim to specially-crafted request, a remote attacker could exploit this vulnerability to cause a denial of service.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/235487 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

CVEID:CVE-2022-23491
**DESCRIPTION:**An unspecified error in with TrustCor’s ownership also operated a business that produced spyware in Certifi has an unknown impact and attack vector.
CVSS Base score: 6.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/241627 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N)

CVEID:CVE-2023-23931
**DESCRIPTION:**PyPI cryptography package could allow a remote attacker to bypass security restrictions, caused by a memory corruption in Cipher.update_into. By passing an immutable python object as the outbuf, an attacker could exploit this vulnerability to bypass authentication and obtain access.
CVSS Base score: 4.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/246738 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L)

CVEID:CVE-2022-31129
**DESCRIPTION:**Moment is vulnerable to a denial of service, caused by inefficient regular expression complexity. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a denial of service.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/230690 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:CVE-2022-25927
**DESCRIPTION:**Node.js ua-parser-js module is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw. By sending specially-crafted regex input, a remote attacker could exploit this vulnerability to cause a denial of service.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/245569 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

CVEID:CVE-2022-27140
**DESCRIPTION:**Node.js express-fileupload module could allow a remote attacker to upload arbitrary files, caused by the improper validation of file extensions by the file upload module. By sending a specially-crafted HTTP request, a remote attacker could exploit this vulnerability to upload a malicious .PHP file, which could allow the attacker to execute arbitrary PHP code on the vulnerable system.
CVSS Base score: 9.4
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/224372 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H)

CVEID:CVE-2022-27261
**DESCRIPTION:**Node.js express-fileupload module could allow a local authenticated attacker to overwrite arbitrary files, caused by insufficient validation of user input. By uploading files with the same name as existing files, an attacker could exploit this vulnerability to overwrite arbitrary files on the system.
CVSS Base score: 6.1
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/224312 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L)

CVEID:CVE-2022-2596
**DESCRIPTION:**Node.js node-fetch module is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw in the isOriginPotentiallyTrustworthy() function in the referrer.js script. By sending specially-crafted regex input, a remote attacker could exploit this vulnerability to cause a denial of service.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/232616 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:CVE-2022-40897
**DESCRIPTION:**Pypa Setuptools is vulnerable to a denial of service, caused by improper input validation. By sending request with a specially crafted regular expression, an remote attacker could exploit this vulnerability to cause a denial of service.
CVSS Base score: 5.9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/243028 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:CVE-2022-29244
**DESCRIPTION:**Node.js npm module could allow a remote authenticated attacker to obtain sensitive information, caused by an issue with ignoring root-level .gitignore & .npmignore file exclusion directives when run in a workspace or with a workspace flag. By sending a specially-crafted request using npm pack or npm publish, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system.
CVSS Base score: 5.7
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/228303 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N)

CVEID:CVE-2022-42969
**DESCRIPTION:**pytest-dev py is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw by the InfoSvnCommand argument. By sending a specially-crafted regex info data, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/238604 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

CVEID:CVE-2023-25577
**DESCRIPTION:**Pallets Werkzeug is vulnerable to a denial of service, caused by a flaw when parsing multipart form data with many fields. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/247557 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:CVE-2023-23934
**DESCRIPTION:**Pallets Werkzeug could allow a remote attacker to bypass security restrictions, caused by improper input validation. By sending a specially-crafted request, an attacker could exploit this vulnerability to set a cookie like =__Host-test=bad for another subdomain.
CVSS Base score: 2.6
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/247553 for the current score.
CVSS Vector: (CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N)

CVEID:CVE-2023-30861
**DESCRIPTION:**Pallets Flask could allow a remote attacker to obtain sensitive information, caused by missing Vary: Cookie header. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain permanent session cookie information, and use this information to launch further attacks against the affected system.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/254247 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)

CVEID:CVE-2022-24785
**DESCRIPTION:**Moment.js could allow a remote attacker to traverse directories on the system, caused by improper validation of user supplied input. An attacker could send a specially-crafted locale string containing “dot dot” sequences (/…/) to switch arbitrary moment locale.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/223451 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)

CVEID:CVE-2022-29361
**DESCRIPTION:**Pallets Werkzeug is vulnerable to HTTP request smuggling, caused by improper parsing of HTTP requests. By sending a specially-crafted HTTP request, an attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks.
CVSS Base score: 7.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/227307 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)

CVEID:CVE-2020-10735
**DESCRIPTION:**Python is vulnerable to a denial of service, caused by the failure to limit amount of digits converting text to int by the int() type in PyLong_FromString(). A remote attacker could exploit this vulnerability to consume all available resources.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/235840 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:CVE-2021-3563
**DESCRIPTION:**OpenStack Keystone could allow a remote attacker to bypass security restrictions, caused by an issue with only the first 72 characters of an application secret are verified. By sending a specially-crafted request, an attacker could exploit this vulnerability to bypass password complexity which administrators may be counting on.
CVSS Base score: 9.1
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/234994 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N)

CVEID:CVE-2022-24999
**DESCRIPTION:**Express.js Express is vulnerable to a denial of service, caused by a prototype pollution flaw in qs. By adding or modifying properties of Object.prototype using a proto or constructor payload, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/240815 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:CVE-2023-28370
**DESCRIPTION:**Tornado could allow a remote attacker to conduct phishing attacks, caused by an open redirect vulnerability. An attacker could exploit this vulnerability to redirect a victim to arbitrary Web sites.
CVSS Base score: 3.4
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/255985 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:N)

CVEID:CVE-2022-38900
**DESCRIPTION:**decode-uri-component is vulnerable to a denial of service, caused by improper input validation by the decodeComponents function. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause the application to crash.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/241069 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

**IBM X-Force ID:**212233
**DESCRIPTION:**d3-color is vulnerable to a denial of service, caused by improper input validation. By sending a specially-crafted string that starts with the letter ‘A’ to the rgb() and hrc() functions, a remote attacker could exploit this vulnerability to cause a regular expression denial of service.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/212233 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

Affected Products and Versions

Remediation/Fixes

IBM strongly recommends addressing the vulnerability now by upgrading.

Installed versions of IBM Spectrum Discover (2.0.4, 2.0.4.1, 2.0.4.2, 2.0.4.3, 2.0.4.4,2.0.4.5,2.0.4.6) can be upgraded to fixed version using IBM Spectrum Discover 2.0.4.8 upgrader. and following the steps provided in our documentation (IBM Spectrum Discover Documentation). For Installed versions of IBM Spectrum Discover (2.0.5.1, 2.1.0) from the IBM Operator catalog in OpenShift can be upgrade to fixed version when the IBM Spectrum Discover 2.1.1 version is available in the IBM Operator Catalog

Workarounds and Mitigations

None