Security Bulletin: IBM Cloud Transformation Advisor is vulnerable to multiple vulnerabilities

Summary

IBM Cloud Transformation Advisor has addressed multiple security vulnerabilities including those in Node.js, IBM WebSphere Application Server Liberty and various other libraries.

Vulnerability Details

CVEID:CVE-2022-3171
**DESCRIPTION:**protobuf-java core and lite are vulnerable to a denial of service, caused by a flaw in the parsing procedure for binary and text format data. By sending non-repeated embedded messages with repeated or unknown fields, a remote authenticated attacker could exploit this vulnerability to cause long garbage collection pauses.
CVSS Base score: 5.7
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/238394 for the current score.
CVSS Vector: (CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)

CVEID:CVE-2016-3709
**DESCRIPTION:**GNOME libxml2 is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the KippoInput.class.php script. A remote attacker could exploit this vulnerability using the $file_link parameter to inject malicious script into a Web page which would be executed in a victim’s Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.
CVSS Base score: 7.2
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/232446 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N)

CVEID:CVE-2020-35525
**DESCRIPTION:**SQlite is vulnerable to a denial of service, caused by a NULL pointer derreference flaw in the INTERSEC query processing. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/235225 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:CVE-2020-35527
**DESCRIPTION:**SQlite could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds memory access flaw through ALTER TABLE for views that have a nested FROM clause… By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service condition on the system.
CVSS Base score: 9.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/235226 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

CVEID:CVE-2022-1304
**DESCRIPTION:**e2fsprogs could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds read/write vulnerability. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system or cause a segmentation fault.
CVSS Base score: 7
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/224602 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H)

CVEID:CVE-2022-2509
**DESCRIPTION:**GnuTLS is vulnerable to a denial of service, caused by a double free flaw during the verification of pkcs7 signatures in gnutls_pkcs7_verify function. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/232507 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:CVE-2022-27404
**DESCRIPTION:**FreeType is vulnerable to a buffer overflow, caused by improper bounds checking in sfnt_init_face function. By persuading a victim to open a specially-crafted file, a local attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.
CVSS Base score: 8.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/225149 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)

CVEID:CVE-2022-27405
**DESCRIPTION:**FreeType is vulnerable to a denial of service, caused by a segmentation violation in the FNT_Size_Request function. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to stop responding.
CVSS Base score: 5.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/225145 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)

CVEID:CVE-2022-27406
**DESCRIPTION:**FreeType is vulnerable to a denial of service, caused by a segmentation violation in the FT_Request_Size function. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to stop responding.
CVSS Base score: 5.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/225136 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)

CVEID:CVE-2022-30698
**DESCRIPTION:**NLnet Labs Unbound could allow a remote attacker to bypass security restrictions, caused by improper input validation. By utilize a novel type of the “ghost domain names” attack techniques, an attacker could exploit this vulnerability to overwrite the DNS cache to extend the TTL for the delegation data of a particular domain.
CVSS Base score: 8.2
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/232544 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N)

CVEID:CVE-2022-30699
**DESCRIPTION:**NLnet Labs Unbound could allow a remote attacker to bypass security restrictions, caused by improper input validation. By utilize a novel type of the “ghost domain names” attack techniques, an attacker could exploit this vulnerability to overwrite the DNS cache to extend the TTL for the delegation data of a particular domain.
CVSS Base score: 8.2
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/232545 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N)

CVEID:CVE-2022-3278
**DESCRIPTION:**Vim is vulnerable to a denial of service, caused by a NULL pointer dereference on destination operand eval.c. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause a denial of service.
CVSS Base score: 5.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/237350 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)

CVEID:CVE-2022-3297
**DESCRIPTION:**Vim could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free in the process_next_cpt_value function in insexpand.c:3227. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service.
CVSS Base score: 7.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/237262 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)

CVEID:CVE-2022-37434
**DESCRIPTION:**zlib is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by inflate in inflate.c. By using a large gzip header extra field, a remote attacker could overflow a buffer and execute arbitrary code on the system.
CVSS Base score: 7.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/232849 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)

CVEID:CVE-2022-40674
**DESCRIPTION:**libexpat could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free in the doContent function in xmlparse.c. An attacker could exploit this vulnerability to execute arbitrary code on the system.
CVSS Base score: 9.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/236116 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

CVEID:CVE-2018-16428
**DESCRIPTION:**GNOME GLib is vulnerable to a denial of service, caused by a NULL pointer dereference in g_markup_parse_context_end_parse() in gmarkup.c. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash.
CVSS Base score: 3.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/149333 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)

CVEID:CVE-2021-25220
**DESCRIPTION:**ISC BIND could allow a remote attacker to bypass security restrictions, caused by an error when using DNS forwarders. An attacker could exploit this vulnerability to poison the cache with incorrect records leading to queries being made to the wrong servers, which might also result in false information being returned to clients.
CVSS Base score: 6.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/221991 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N)

Affected Products and Versions

Remediation/Fixes

Workarounds and Mitigations

None