(RHSA-2022:0589) Moderate: Red Hat build of Quarkus 2.2.5 release and security update

2022-02-21T18:18:19

Description

This release of Red Hat build of Quarkus 2.2.5 includes security updates, bug fixes, and enhancements. For more information, see the release notes page listed in the References section. Security Fix(es): * kafka-clients: Kafka: Timing Attack Vulnerability for Apache Kafka Connect and Clients (CVE-2021-38153) * kubernetes-client: Insecure deserialization in unmarshalYaml method (CVE-2021-4178) * jsoup: Crafted input may cause the jsoup HTML and XML parser to get stuck (CVE-2021-37714) * jakarta.el: jakarta-el: ELParserTokenManager enables invalid EL expressions to be evaluate (CVE-2021-28170) * netty-codec: Bzip2Decoder doesn't allow setting size restrictions for decompressed data (CVE-2021-37136) * netty-codec: SnappyFrameDecoder doesn't restrict chunk length and may buffer skippable chunks in an unnecessary way (CVE-2021-37137) * mysql-connector-java: unauthorized access to critical (CVE-2021-2471) * cron-utils: template Injection leading to unauthenticated Remote Code Execution(CVE-2021-41269) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

{"id": "RHSA-2022:0589", "vendorId": null, "type": "redhat", "bulletinFamily": "unix", "title": "(RHSA-2022:0589) Moderate: Red Hat build of Quarkus 2.2.5 release and security update", "description": "This release of Red Hat build of Quarkus 2.2.5 includes security updates, bug fixes, and enhancements. For more information, see the release notes page listed in the References section.\n\nSecurity Fix(es):\n\n* kafka-clients: Kafka: Timing Attack Vulnerability for Apache Kafka Connect and Clients (CVE-2021-38153)\n\n* kubernetes-client: Insecure deserialization in unmarshalYaml method (CVE-2021-4178)\n\n* jsoup: Crafted input may cause the jsoup HTML and XML parser to get stuck (CVE-2021-37714)\n\n* jakarta.el: jakarta-el: ELParserTokenManager enables invalid EL expressions to be evaluate (CVE-2021-28170)\n\n* netty-codec: Bzip2Decoder doesn't allow setting size restrictions for decompressed data (CVE-2021-37136)\n\n* netty-codec: SnappyFrameDecoder doesn't restrict chunk length and may buffer skippable chunks in an unnecessary way (CVE-2021-37137)\n\n* mysql-connector-java: unauthorized access to critical (CVE-2021-2471)\n\n* cron-utils: template Injection leading to unauthenticated Remote Code Execution(CVE-2021-41269)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "published": "2022-02-21T18:18:19", "modified": "2022-02-21T18:19:06", "cvss": {"score": 7.9, "vector": "AV:N/AC:M/Au:S/C:C/I:N/A:C"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:N/AC:M/Au:S/C:C/I:N/A:C", "accessVector": "NETWORK", "accessComplexity": "MEDIUM", "authentication": "SINGLE", "confidentialityImpact": "COMPLETE", "integrityImpact": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.9}, "severity": "HIGH", "exploitabilityScore": 6.8, "impactScore": 9.2, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9}, "href": "https://access.redhat.com/errata/RHSA-2022:0589", "reporter": "RedHat", "references": [], "cvelist": ["CVE-2021-2471", "CVE-2021-28170", "CVE-2021-37136", "CVE-2021-37137", "CVE-2021-37714", "CVE-2021-38153", "CVE-2021-41269", "CVE-2021-4178"], "immutableFields": [], "lastseen": "2022-02-22T05:32:34", "viewCount": 13, "enchantments": {"backreferences": {"references": [{"type": "cve", "idList": ["CVE-2021-28170", "CVE-2021-37136", "CVE-2021-37137", "CVE-2021-37714", "CVE-2021-41269"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2021-28170", "DEBIANCVE:CVE-2021-37714"]}, {"type": "freebsd", "idList": ["C9387E4D-2F5F-11EC-8BE6-D4C9EF517024"]}, {"type": "github", "idList": ["GHSA-M72M-MHQ2-9P6C", "GHSA-P9M8-27X8-RG87"]}, {"type": "githubexploit", "idList": ["1ABBFD5B-BD80-517D-91BA-3CC3F84F5664", "3331E9DB-AB7E-51DB-810F-EC25F9E89ED9"]}, {"type": "ibm", "idList": ["A88A9645C8F75892D90D8542DC9FBE5895FAA1BF48BAF9F16E2A36E690C7A8F5"]}, {"type": "nessus", "idList": ["PHOTONOS_PHSA-2021-3_0-0324_KAFKA.NASL", "PHOTONOS_PHSA-2021-3_0-0327_MYSQL.NASL", "REDHAT-RHSA-2021-3656.NASL", "REDHAT-RHSA-2021-3658.NASL", "REDHAT-RHSA-2021-4676.NASL", "REDHAT-RHSA-2021-4677.NASL"]}, {"type": "oracle", "idList": ["ORACLE:CPUJAN2022"]}, {"type": "photon", "idList": ["PHSA-2021-3.0-0324", "PHSA-2021-3.0-0327"]}, {"type": "redhat", "idList": ["RHSA-2021:3534", "RHSA-2021:4679"]}, {"type": "redhatcve", "idList": ["RH:CVE-2021-28170", "RH:CVE-2021-37714", "RH:CVE-2021-41269"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2022:0658-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2021-28170", "UB:CVE-2021-37137", "UB:CVE-2021-37714"]}]}, "score": {"value": 0.4, "vector": "NONE"}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2021-2471", "CVE-2021-28170", "CVE-2021-37136", "CVE-2021-37137", "CVE-2021-37714", "CVE-2021-38153", "CVE-2021-41269"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2021-28170", "DEBIANCVE:CVE-2021-37136", "DEBIANCVE:CVE-2021-37137", "DEBIANCVE:CVE-2021-37714"]}, {"type": "freebsd", "idList": ["C9387E4D-2F5F-11EC-8BE6-D4C9EF517024"]}, {"type": "github", "idList": ["GHSA-3J6G-HXX5-3Q26", "GHSA-98G7-RXMF-RRXM", "GHSA-9VJP-V76F-G363", "GHSA-GRG4-WF29-R9VV", "GHSA-M72M-MHQ2-9P6C", "GHSA-P9M8-27X8-RG87", "GHSA-V6W3-2PRQ-H95F", "GHSA-W6F2-8WX4-47R5"]}, {"type": "githubexploit", "idList": ["084C8D8C-4B14-526B-9A5E-977BD4F2FBE4", "1ABBFD5B-BD80-517D-91BA-3CC3F84F5664", "3331E9DB-AB7E-51DB-810F-EC25F9E89ED9"]}, {"type": "ibm", "idList": ["0071D7109D190F08AF61415C42966955F5A2F20ACA252B48C89119BEDBFE4DE2", "2641B803CC5B6F698F27A4349942ABEEE0A931F1864DAEF1CB72FDFD279085E2", "31988A64B432846FAECF3D2D44F21A7A70DDA856ADC1A02810560151B1C9396E", "52F1AA440EAF2E0C6FDFA61BD566BC1EDE644CA8D2298715354061284841EC5E", "568E2B368CFD084DD70521225DC70F9B7FE2C3CFA4EC7D0BB5941865FBD96921", "5BE414B193D5007099D3374FA8DA8D1C67CE7C4D4ACDE8278A64CA69A7AA6961", "6473C7788923283F01B09B56E980E6BA387FEBB5AD805CB7A0466F8AB7CF3F52", "6C8567DF72CA8A25F4328377A9D305D3ACCAE181160B03E595CB767274D3C083", "70F75E7524B1704D6EBDE338C1A5FB98016CEEF82A02C5FBED49E65AC60CF084", "71AE0D5024D39B08B24A7182D24ED9015A9DA203851A438D5EF30F80E1A05C50", "777EB533D5BEA1C32E0486E7AE4845B84A52FBB7EBCDEB8E44BAF79F3C9EEAC6", "8D3B55BC79F0B30687542D934A8572E811EA359E895A6EA6E760B9427B444F8B", "954C0DFA3C09FDB996662E30772A8D20D84CFA3664BC8DD04E340E72072BB104", "968F76B061F639B6B747F38EA0B563E31C681273189E02F178403D72D7E18BAF", "97D5F772EC68BDCD260FBB9DFB7A322AAAC657E9360305DF11F9C6A6A40D1B85", "A88A9645C8F75892D90D8542DC9FBE5895FAA1BF48BAF9F16E2A36E690C7A8F5", "B2EA2FBA4D280351FEA7F9EC1921C448D44F4D9EC613590A87A15467F7D34153", "B5B6C4769983441433B811EF3AAED6CFC993849D42BC924ECF1CCA5E34838148", "BA2D0D9B1C88AA8F13B870348943574E037A169844D44BBF01DF458E3C5B564F", "C53E4A17B59FE138EBACA71C399669AC512D80E0D95F4A2578B807A669FCED81", "DFB4A89370117A0C76AEBA610891449C199F7498B60521F9612F1A48A7736A6B", "E1EF058DD381C57091FCB459D57A4CBFF2ECF3FFB8513F20A430FCCF4C0B5BB6", "E34369A48BDB40E3444EB1830AC8F91409460E39F5F36FFA5CED77D91880982A", "E775C68CA18D51E91E688F1880BD5AF1955B5F4DF7397FA28CC721E37DAFB99A", "ED1E746B4A444761DF86B7BD074E2911879CE51C4CFBB278424F2A23E63071FA", "EDFA9D5968081EDE399774767050C178F730BD070533CFA73DE5F24F7E8E7A52", "FE6D95CEEFE9596CD6D6134F8326AB13E3C97D550B3E62F57DECDBDBC51C329A"]}, {"type": "nessus", "idList": ["CLOUDBEES-SECURITY-ADVISORY-2021-12-01.NASL", "CLOUDBEES-SECURITY-ADVISORY-2022-01-28.NASL", "OPENSUSE-2022-0658-1.NASL", "ORACLE_BPM_CPU_APR_2022.NASL", "ORACLE_COHERENCE_CPU_APR_2022.NASL", "ORACLE_MYSQL_CONNECTORS_CPU_OCT_2021.NASL", "ORACLE_NOSQL_CPU_OCT_2021.NASL", "ORACLE_PRIMAVERA_UNIFIER_CPU_JAN_2022.NASL", "ORACLE_WEBCENTER_PORTAL_CPU_APR_2022.NASL", "ORACLE_WEBLOGIC_SERVER_CPU_APR_2022.NASL", "PHOTONOS_PHSA-2021-3_0-0324_KAFKA.NASL", "PHOTONOS_PHSA-2021-3_0-0327_MYSQL.NASL", "REDHAT-RHSA-2021-3656.NASL", "REDHAT-RHSA-2021-3658.NASL", "REDHAT-RHSA-2021-4676.NASL", "REDHAT-RHSA-2021-4677.NASL", "REDHAT-RHSA-2021-5149.NASL", "REDHAT-RHSA-2021-5150.NASL", "REDHAT-RHSA-2021-5151.NASL", "REDHAT-RHSA-2022-4918.NASL", "REDHAT-RHSA-2022-4919.NASL", "SUSE_SU-2022-1142-1.NASL", "SUSE_SU-2022-1265-1.NASL"]}, {"type": "oracle", "idList": ["ORACLE:CPUAPR2022", "ORACLE:CPUJAN2022", "ORACLE:CPUJUL2022", "ORACLE:CPUOCT2021"]}, {"type": "osv", "idList": ["OSV:GHSA-3J6G-HXX5-3Q26", "OSV:GHSA-98G7-RXMF-RRXM", "OSV:GHSA-9VJP-V76F-G363", "OSV:GHSA-GRG4-WF29-R9VV", "OSV:GHSA-M72M-MHQ2-9P6C", "OSV:GHSA-P9M8-27X8-RG87", "OSV:GHSA-V6W3-2PRQ-H95F", "OSV:GHSA-W6F2-8WX4-47R5"]}, {"type": "photon", "idList": ["PHSA-2021-0119", "PHSA-2021-0130", "PHSA-2021-0324", "PHSA-2021-0327", "PHSA-2021-3.0-0324", "PHSA-2021-3.0-0327"]}, {"type": "redhat", "idList": ["RHSA-2021:3466", "RHSA-2021:3467", "RHSA-2021:3468", "RHSA-2021:3471", "RHSA-2021:3516", "RHSA-2021:3534", "RHSA-2021:3656", "RHSA-2021:3658", "RHSA-2021:3660", "RHSA-2021:3959", "RHSA-2021:4676", "RHSA-2021:4677", "RHSA-2021:4679", "RHSA-2021:4851", "RHSA-2021:5127", "RHSA-2021:5128", "RHSA-2021:5129", "RHSA-2021:5134", "RHSA-2021:5149", "RHSA-2021:5150", "RHSA-2021:5151", "RHSA-2021:5154", "RHSA-2021:5170", "RHSA-2022:0138", "RHSA-2022:0146", "RHSA-2022:0219", "RHSA-2022:0467", "RHSA-2022:0469", "RHSA-2022:0501", "RHSA-2022:0520", "RHSA-2022:0737", "RHSA-2022:1013", "RHSA-2022:1029", "RHSA-2022:2216", "RHSA-2022:2217", "RHSA-2022:2218", "RHSA-2022:2232", "RHSA-2022:4918", "RHSA-2022:4919", "RHSA-2022:4922", "RHSA-2022:5532", "RHSA-2022:5606", "RHSA-2022:5903"]}, {"type": "redhatcve", "idList": ["RH:CVE-2021-2471", "RH:CVE-2021-28170", "RH:CVE-2021-37136", "RH:CVE-2021-37137", "RH:CVE-2021-37714", "RH:CVE-2021-38153", "RH:CVE-2021-41269", "RH:CVE-2021-4178"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2022:0658-1", "SUSE-SU-2022:1265-1", "SUSE-SU-2022:1271-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2021-2471", "UB:CVE-2021-28170", "UB:CVE-2021-37136", "UB:CVE-2021-37137", "UB:CVE-2021-37714", "UB:CVE-2021-38153"]}, {"type": "veracode", "idList": ["VERACODE:31748", "VERACODE:32046", "VERACODE:32047", "VERACODE:32216", "VERACODE:32983", "VERACODE:33458", "VERACODE:34580"]}]}, "vulnersScore": 0.4}, "_state": {"dependencies": 1660004461, "score": 1659963967}, "_internal": {"score_hash": "ba696c64d7e73486b9640fbdc7068e17"}, "affectedPackage": [], "vendorCvss": {"severity": "moderate"}}

{"ibm": [{"lastseen": "2022-08-04T12:47:34", "description": "## Summary\n\nNetty and Apache Kafka are dependency components shipped with the IBM Tivoli Netcool/OMNIbus Transport Module Common Integration Library for Message Bus Integrations. Information about the security vulnerability affecting Netty (CVE-2021-37137, CVE-2021-37136) and Apache Kafka (CVE-2021-38153) has been published. \n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-37137](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37137>) \n** DESCRIPTION: **Netty netty-codec is vulnerable to a denial of service, caused by not restrict the chunk length in the SnappyFrameDecoder. By sending a specially-crafted input, a remote attacker could exploit this vulnerability to cause excessive memory usage, and results in a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211779](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211779>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-38153](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38153>) \n** DESCRIPTION: **Apache Kafka could allow a remote attacker to obtain sensitive information, caused by a timing attack flaw due to the use of \"Arrays.equals\" to validate a password or key. By utilizing brute-force attack techniques, an attacker could exploit this vulnerability to obtain credentials information, and use this information to launch further attacks against the affected system. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/209762](<https://exchange.xforce.ibmcloud.com/vulnerabilities/209762>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2021-37136](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37136>) \n** DESCRIPTION: **Netty netty-codec is vulnerable to a denial of service, caused by not allow size restrictions for decompressed data in the Bzip2Decoder. By sending a specially-crafted input, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211777](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211777>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Tivoli Netcool/OMNIbus Integration - Transport Module Common Integration Library| common-transportmodule-12_0 up to and including common-transportmodule-32_0 \n \n\n\n## Remediation/Fixes\n\nUpdated Product(s)| Version(s) \n---|--- \nIBM Tivoli Netcool/OMNIbus Integration - Transport Module Common Integration Library| [common-transportmodule-33_0](<https://www.ibm.com/support/pages/node/256461> \"common-transportmodule-33_0\" ) \n \n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\n10 Dec 2021: Initial Publication\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Product\":{\"code\":\"SSSHTQ\",\"label\":\"Tivoli Netcool\\/OMNIbus\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF002\",\"label\":\"AIX\"},{\"code\":\"PF016\",\"label\":\"Linux\"},{\"code\":\"PF051\",\"label\":\"Linux on IBM Z Systems\"},{\"code\":\"PF027\",\"label\":\"Solaris\"},{\"code\":\"PF033\",\"label\":\"Windows\"}],\"Version\":\"8.1.0\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB45\",\"label\":\"Automation\"}}]", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-12-11T00:21:57", "type": "ibm", "title": "Security Bulletin: Multiple vulnerabilities have been identified in open source software shipped with IBM Tivoli Netcool/OMNIbus Transport Module Common Integration Library", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-37136", "CVE-2021-37137", "CVE-2021-38153"], "modified": "2021-12-11T00:21:57", "id": "8D3B55BC79F0B30687542D934A8572E811EA359E895A6EA6E760B9427B444F8B", "href": "https://www.ibm.com/support/pages/node/6522822", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-08-04T12:45:47", "description": "## Summary\n\nOperations Dashboard is vulnerable to Netty vulnerabilities CVE-2021-37136 and CVE-2021-37137 with details of each below\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-37136](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37136>) \n** DESCRIPTION: **Netty netty-codec is vulnerable to a denial of service, caused by not allow size restrictions for decompressed data in the Bzip2Decoder. By sending a specially-crafted input, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211777](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211777>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-37137](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37137>) \n** DESCRIPTION: **Netty netty-codec is vulnerable to a denial of service, caused by not restrict the chunk length in the SnappyFrameDecoder. By sending a specially-crafted input, a remote attacker could exploit this vulnerability to cause excessive memory usage, and results in a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211779](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211779>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nOperations Dashboard| 2020.4.1 \n2021.1.1 \n2021.2.1 \n2021.3.1 \n \n\n\n## Remediation/Fixes\n\n**Operations Dashboard version 2020.4.1 in IBM Cloud Pak for Integration** \nUpgrade Operations Dashboard to 2020.4.1-4-eus using the Operator upgrade process described in the IBM Documentation \n<https://www.ibm.com/docs/en/cloud-paks/cp-integration/2020.4?topic=components-upgrading-operations-dashboard> \n \n**Operations Dashboard version 2021.1.1, 2021.2.1, and 2021.3.1 in IBM Cloud Pak for Integration** \nUpgrade Operations Dashboard to 2021.4.1 using the Operator upgrade process described in the IBM Documentation \n<https://www.ibm.com/docs/en/cloud-paks/cp-integration/2021.4?topic=capabilities-upgrading-integration-tracing> \n \n\n\n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\n11 Jan 2022: Initial Publication\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU004\",\"label\":\"Hybrid Cloud\"},\"Product\":{\"code\":\"SSYMXC\",\"label\":\"IBM Cloud Pak for Integration\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF040\",\"label\":\"RedHat OpenShift\"}],\"Version\":\"All\",\"Edition\":\"\"}]", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-01-13T15:47:30", "type": "ibm", "title": "Security Bulletin: Operations Dashboard is vulnerable to Netty vulnerabilities CVE-2021-37136 and CVE-2021-37137", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-37136", "CVE-2021-37137"], "modified": "2022-01-13T15:47:30", "id": "954C0DFA3C09FDB996662E30772A8D20D84CFA3664BC8DD04E340E72072BB104", "href": "https://www.ibm.com/support/pages/node/6540614", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-08-04T12:47:03", "description": "## Summary\n\nIBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of Netty.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-37136](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37136>) \n** DESCRIPTION: **Netty netty-codec is vulnerable to a denial of service, caused by not allow size restrictions for decompressed data in the Bzip2Decoder. By sending a specially-crafted input, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211777](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211777>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-37137](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37137>) \n** DESCRIPTION: **Netty netty-codec is vulnerable to a denial of service, caused by not restrict the chunk length in the SnappyFrameDecoder. By sending a specially-crafted input, a remote attacker could exploit this vulnerability to cause excessive memory usage, and results in a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211779](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211779>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nWatson Discovery| 4.0.0-4.0.3 \nWatson Discovery| 2.0.0-2.2.1 \n \n\n\n## Remediation/Fixes\n\nUpgrade to IBM Watson Discovery 4.0.4 \n\nUpgrade to IBM Watson Discovery 2.2.1 and apply cpd-watson-discovery-2.2.1-patch-6\n\n<https://cloud.ibm.com/docs/discovery-data?topic=discovery-data-install>\n\n<https://www.ibm.com/support/pages/available-patches-watson-discovery-ibm-cloud-pak-data>\n\n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\n04 Dec 2021: Initial Publication\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU053\",\"label\":\"Cloud \\u0026 Data Platform\"},\"Product\":{\"code\":\"SSCLA6\",\"label\":\"Watson Discovery\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF040\",\"label\":\"RedHat OpenShift\"}],\"Version\":\"4.0.0-4.0.3, 2.0.0-2.2.1\",\"Edition\":\"\"}]", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-12-17T04:21:56", "type": "ibm", "title": "Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Netty", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-37136", "CVE-2021-37137"], "modified": "2021-12-17T04:21:56", "id": "5BE414B193D5007099D3374FA8DA8D1C67CE7C4D4ACDE8278A64CA69A7AA6961", "href": "https://www.ibm.com/support/pages/node/6523820", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-08-04T12:37:38", "description": "## Summary\n\nSeveral security vulnerablities were found in the Apache Netty library used by several components in IBM Cloud Pak for Multicloud Management Monitoring.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-37136](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37136>) \n** DESCRIPTION: **Netty netty-codec is vulnerable to a denial of service, caused by not allow size restrictions for decompressed data in the Bzip2Decoder. By sending a specially-crafted input, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211777](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211777>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-37137](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37137>) \n** DESCRIPTION: **Netty netty-codec is vulnerable to a denial of service, caused by not restrict the chunk length in the SnappyFrameDecoder. By sending a specially-crafted input, a remote attacker could exploit this vulnerability to cause excessive memory usage, and results in a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211779](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211779>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-43797](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43797>) \n** DESCRIPTION: **Netty is vulnerable to HTTP request smuggling, caused by improper parsing of the HTTP transfer-encoding request header names. By sending a specially-crafted HTTP(S) transfer-encoding request header, an attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/215118](<https://exchange.xforce.ibmcloud.com/vulnerabilities/215118>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Cloud Pak for Multicloud Management Monitoring| 2.0 - 2.3 Fix Pack 4 \n \n\n\n## Remediation/Fixes\n\nIBM strongly recommends addressing the vulnerability now by upgrading using the instructions found at <https://www.ibm.com/docs/en/cloud-paks/cp-management/2.3.x?topic=installation-upgrade.>\n\n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\n28 Jun 2022: Initial Publication\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Product\":{\"code\":\"SSFC4F\",\"label\":\"IBM Cloud Pak for Multicloud Management\"},\"Component\":\"Monitoring\",\"Platform\":[{\"code\":\"PF016\",\"label\":\"Linux\"}],\"Version\":\"2.3\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB45\",\"label\":\"Automation\"}}]", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-06-29T14:09:50", "type": "ibm", "title": "Security Bulletin: IBM Cloud Pak for Multicloud Management Monitoring is vulnerable to several attack vectors due to its use of Apache Netty (CVE-2021-37136, CVE-2021-37137, CVE-2021-43797)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-37136", "CVE-2021-37137", "CVE-2021-43797"], "modified": "2022-06-29T14:09:50", "id": "31988A64B432846FAECF3D2D44F21A7A70DDA856ADC1A02810560151B1C9396E", "href": "https://www.ibm.com/support/pages/node/6599641", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-08-04T12:39:21", "description": "## Summary\n\nIBM Security Guardium has fixed these vulnerabilities.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-21290](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21290>) \n** DESCRIPTION: **Netty could allow a local authenticated attacker to obtain sensitive information, caused by an insecure temp file in Unix-like systems. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/197110](<https://exchange.xforce.ibmcloud.com/vulnerabilities/197110>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2021-21295](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21295>) \n** DESCRIPTION: **Netty is vulnerable to HTTP request smuggling, caused by improper validation of Content-Length header by the Http2MultiplexHandler. By sending specially crafted HTTP request headers, an attacker could exploit this vulnerability to poison a web-cache, perform an XSS attack, or obtain sensitive information from request. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/197999](<https://exchange.xforce.ibmcloud.com/vulnerabilities/197999>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2021-21409](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21409>) \n** DESCRIPTION: **Netty is vulnerable to request smuggling, caused by improper validation of request, caused by missing validation of content-length. By sending specially-crafted request, an attacker could exploit this vulnerability to poison a web-cache, perform an XSS attack, or obtain sensitive information from request. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/199150](<https://exchange.xforce.ibmcloud.com/vulnerabilities/199150>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2021-37136](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37136>) \n** DESCRIPTION: **Netty netty-codec is vulnerable to a denial of service, caused by not allow size restrictions for decompressed data in the Bzip2Decoder. By sending a specially-crafted input, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211777](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211777>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-37137](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37137>) \n** DESCRIPTION: **Netty netty-codec is vulnerable to a denial of service, caused by not restrict the chunk length in the SnappyFrameDecoder. By sending a specially-crafted input, a remote attacker could exploit this vulnerability to cause excessive memory usage, and results in a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211779](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211779>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\n**Affected Product(s)**| **Version(s)** \n---|--- \nIBM Security Guardium| 11.3 \nIBM Security Guardium| 11.4 \n \n## Remediation/Fixes\n\nIBM encourages customers to update their systems promptly.\n\n** Product**| **Versions**| ** Fix** \n---|---|--- \nIBM Security Guardium| 11.3| [http://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Security&product=ibm/Information+Management/InfoSphere+Guardium&release=11.0&platform=Linux&function=fixId&fixids=SqlGuard_11.0p360_Bundle_Mar-24-2022&includeSupersedes=0&source=fc](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Security&product=ibm/Information+Management/InfoSphere+Guardium&release=11.0&platform=Linux&function=fixId&fixids=SqlGuard_11.0p360_Bundle_Mar-24-2022&includeSupersedes=0&source=fc>) \nIBM Security Guardium| 11.4| [http://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Security&product=ibm/Information+Management/InfoSphere+Guardium&release=11.0&platform=Linux&function=fixId&fixids=SqlGuard_11.0p430_Bundle_Apr-28-2022&includeSupersedes=0&source=fc](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Security&product=ibm/Information+Management/InfoSphere+Guardium&release=11.0&platform=Linux&function=fixId&fixids=SqlGuard_11.0p430_Bundle_Apr-28-2022&includeSupersedes=0&source=fc>) \n \n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Acknowledgement\n\nJohn Zuccato, Rodney Ryan, Chris Shepherd, Nathan Roane, Vince Dragnea, Troy Fisher, Gabor Minyo, Geoffrey Owden, and Ben Goodspeed from the IBM X-Force Ethical Hacking Team.\n\n## Change History\n\n18 Apr 2022: Initial Publication \n27 May 2022: Second Publication\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Product\":{\"code\":\"SSMPHH\",\"label\":\"IBM Security Guardium\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF016\",\"label\":\"Linux\"}],\"Version\":\"11.3, 11.4\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB24\",\"label\":\"Security Software\"}}]", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-05-27T17:58:00", "type": "ibm", "title": "Security Bulletin: IBM Security Guardium is affected by a number of security vulnerabilities in Netty, which is used by Guardium (CVE-2021-21290, CVE-2021-21295, CVE-2021-21409, CVE-2021-37136, CVE-2021-37137)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-21290", "CVE-2021-21295", "CVE-2021-21409", "CVE-2021-37136", "CVE-2021-37137"], "modified": "2022-05-27T17:58:00", "id": "6C8567DF72CA8A25F4328377A9D305D3ACCAE181160B03E595CB767274D3C083", "href": "https://www.ibm.com/support/pages/node/6572999", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-08-11T04:37:22", "description": "## Summary\n\nEclipse EE4J Jakarta Expression Language is used by IBM Sterling Control Center. Eclipse EE4J Jakarta Expression Language could allow a remote attacker to bypass security restrictions, and the issue has been addressed.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-28170](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28170>) \n** DESCRIPTION: **Eclipse EE4J Jakarta Expression Language could allow a remote attacker to bypass security restrictions, caused by a flaw in the ELParserTokenManager module. By sending a specially-crafted request, an attacker could exploit this vulnerability to bypass input validation of EL expressions. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/202708](<https://exchange.xforce.ibmcloud.com/vulnerabilities/202708>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)\n\n## Affected Products and Versions\n\n**Affected Product(s)**| **Version(s)** \n---|--- \nIBM Sterling Control Center| 6.2.1.0 \nIBM Sterling Control Center| 6.2.0.0 \n \n## Remediation/Fixes\n\n**Product**\n\n| \n\n**Version**\n\n| \n\n**Remediation** \n \n---|---|--- \n \nIBM Sterling Control Center\n\n| \n\n6.2.1.0\n\n| \n\niFix07 available on [Fix Central - 6.2.1.0](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%7EOther%20software&product=ibm/Other+software/Sterling+Control+Center&release=6.2.1.0&platform=All&function=all>) \n \nIBM Sterling Control Center\n\n| \n\n6.2.0.0 \n\n\n| \n\niFix07 available on [Fix Central - 6.2.1.0](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%7EOther%20software&product=ibm/Other+software/Sterling+Control+Center&release=6.2.1.0&platform=All&function=all>)\n\nOR\n\niFix18 available on [Fix Central - 6.2.0.0](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%7EOther%20software&product=ibm/Other+software/Sterling+Control+Center&release=6.2.0.0&platform=All&function=all>)\n\nNOTE: This is the last planned 6.2.0.0 iFix release package. Please plan for future Control Center upgrades to 6.2.1.0 iFix07 (or later). \n \n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Acknowledgement\n\n## Change History\n\n26 May 2022: Initial Publication \n13 June 2022: Provided additional/optional 6.2.0.0 Remediation via upgrade to 6.2.0.0 iFix18 (last planned 6.2.0.0 iFix).\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Product\":{\"code\":\"SS9GLA\",\"label\":\"IBM Control Center\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF002\",\"label\":\"AIX\"},{\"code\":\"PF016\",\"label\":\"Linux\"},{\"code\":\"PF033\",\"label\":\"Windows\"},{\"code\":\"PF051\",\"label\":\"Linux on IBM Z Systems\"}],\"Version\":\"6.2.1.0\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB59\",\"label\":\"Sustainability Software\"}},{\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Product\":{\"code\":\"SS9GLA\",\"label\":\"IBM Control Center\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF002\",\"label\":\"AIX\"},{\"code\":\"PF016\",\"label\":\"Linux\"},{\"code\":\"PF033\",\"label\":\"Windows\"},{\"code\":\"PF051\",\"label\":\"Linux on IBM Z Systems\"}],\"Version\":\"6.2.0.0\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB59\",\"label\":\"Sustainability Software\"}}]", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2022-06-13T17:43:38", "type": "ibm", "title": "Security Bulletin: IBM Sterling Control Center is vulnerable to remote attacker security restrictions bypass due to Eclipse EE4J Jakarta Expression Language (CVE-2021-28170)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-28170"], "modified": "2022-06-13T17:43:38", "id": "E1EF058DD381C57091FCB459D57A4CBFF2ECF3FFB8513F20A430FCCF4C0B5BB6", "href": "https://www.ibm.com/support/pages/node/6590301", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-08-04T12:47:52", "description": "## Summary\n\nVulnerability in IBM Event Streams through Apache Kafka key/password validation\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-38153](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38153>) \n** DESCRIPTION: **Apache Kafka could allow a remote attacker to obtain sensitive information, caused by a timing attack flaw due to the use of \"Arrays.equals\" to validate a password or key. By utilizing brute-force attack techniques, an attacker could exploit this vulnerability to obtain credentials information, and use this information to launch further attacks against the affected system. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/209762](<https://exchange.xforce.ibmcloud.com/vulnerabilities/209762>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \n \nIBM Event Streams in IBM Cloud Pak for Integration\n\n| 10.0.0 \n \nIBM Event Streams in IBM Cloud Pak for Integration\n\n| 10.1.0 \n \nIBM Event Streams in IBM Cloud Pak for Integration\n\n| 10.2.0 \n \nIBM Event Streams in IBM Cloud Pak for Integration\n\n| 10.3.0 \n \nIBM Event Streams in IBM Cloud Pak for Integration\n\n| 10.3.1 \n \nIBM Event Streams in IBM Cloud Pak for Integration\n\n| 10.4.0 \n \n \n\n\n## Remediation/Fixes\n\nUpgrade to IBM Event Streams 10.5.0 by following the [upgrading and migrating](<https://ibm.github.io/event-streams/installing/upgrading/> \"\" ) documentation.\n\n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\n03 Dec 2021: Initial Publication\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Product\":{\"code\":\"SSFHBB\",\"label\":\"IBM Event Streams\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF016\",\"label\":\"Linux\"},{\"code\":\"PF051\",\"label\":\"Linux on IBM Z Systems\"}],\"Version\":\"10.x\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB45\",\"label\":\"Automation\"}}]", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.9, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-12-06T12:20:47", "type": "ibm", "title": "Security Bulletin: Vulnerability in IBM Event Streams through Apache Kafka key/password validation (CVE-2021-38153)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-38153"], "modified": "2021-12-06T12:20:47", "id": "568E2B368CFD084DD70521225DC70F9B7FE2C3CFA4EC7D0BB5941865FBD96921", "href": "https://www.ibm.com/support/pages/node/6523744", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-08-04T12:37:53", "description": "## Summary\n\nIBM Security Guardium uses Apache Kafka in deployed agents to handle event streaming. IBM Security Guardium has fixed this vulnerability by upgrading to kafka-3.0.0-0.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-38153](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38153>) \n** DESCRIPTION: **Apache Kafka could allow a remote attacker to obtain sensitive information, caused by a timing attack flaw due to the use of \"Arrays.equals\" to validate a password or key. By utilizing brute-force attack techniques, an attacker could exploit this vulnerability to obtain credentials information, and use this information to launch further attacks against the affected system. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/209762](<https://exchange.xforce.ibmcloud.com/vulnerabilities/209762>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)\n\n## Affected Products and Versions\n\n**Affected Product(s)**| **Version(s)** \n---|--- \nIBM Security Guardium| 11.0 \nIBM Security Guardium| 11.1 \nIBM Security Guardium| 11.2 \nIBM Security Guardium| 11.3 \nIBM Security Guardium| 11.4 \n \n\n\n## Remediation/Fixes\n\nIBM encourages customers to update their systems promptly. \n\n** Product**| **Versions**| ** Fix** \n---|---|--- \nIBM Security Guardium| 11.0| [http://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Security&product=ibm/Information+Management/InfoSphere+Guardium&release=11.0&platform=Linux&function=fixId&fixids=SqlGuard_11.0p45_Bundle_May-03-2022&includeSupersedes=0&source=fc](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Security&product=ibm/Information+Management/InfoSphere+Guardium&release=11.0&platform=Linux&function=fixId&fixids=SqlGuard_11.0p45_Bundle_May-03-2022&includeSupersedes=0&source=fc>) \nIBM Security Guardium| 11.1| [http://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Security&product=ibm/Information+Management/InfoSphere+Guardium&release=11.0&platform=Linux&function=fixId&fixids=SqlGuard_11.0p160_Bundle_Mar-23-2022&includeSupersedes=0&source=fc](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Security&product=ibm/Information+Management/InfoSphere+Guardium&release=11.0&platform=Linux&function=fixId&fixids=SqlGuard_11.0p160_Bundle_Mar-23-2022&includeSupersedes=0&source=fc>) \nIBM Security Guardium| 11.2| \n\n[http://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Security&product=ibm/Information+Management/InfoSphere+Guardium&release=11.0&platform=Linux&function=fixId&fixids=SqlGuard_11.0p270_Bundle_Feb-24-2022,SqlGuard_11.0p360_Bundle_Mar-24-2022&includeSupersedes=0&source=fc](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Security&product=ibm/Information+Management/InfoSphere+Guardium&release=11.0&platform=Linux&function=fixId&fixids=SqlGuard_11.0p270_Bundle_Feb-24-2022,SqlGuard_11.0p360_Bundle_Mar-24-2022&includeSupersedes=0&source=fc>) \n \nIBM Security Guardium| 11.3| [http://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Security&product=ibm/Information+Management/InfoSphere+Guardium&release=11.0&platform=Linux&function=fixId&fixids=SqlGuard_11.0p360_Bundle_Mar-24-2022&includeSupersedes=0&source=fc](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Security&product=ibm/Information+Management/InfoSphere+Guardium&release=11.0&platform=Linux&function=fixId&fixids=SqlGuard_11.0p360_Bundle_Mar-24-2022&includeSupersedes=0&source=fc>) \nIBM Security Guardium| 11.4| [http://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Security&product=ibm/Information+Management/InfoSphere+Guardium&release=11.0&platform=Linux&function=fixId&fixids=SqlGuard_11.0p440_Bundle_Jun-03-2022&includeSupersedes=0&source=fc ](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Security&product=ibm/Information+Management/InfoSphere+Guardium&release=11.0&platform=Linux&function=fixId&fixids=SqlGuard_11.0p440_Bundle_Jun-03-2022&includeSupersedes=0&source=fc>) \n \n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\n21 Jun 2022: Initial Publication\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Product\":{\"code\":\"SSMPHH\",\"label\":\"IBM Security Guardium\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF016\",\"label\":\"Linux\"}],\"Version\":\"11.0, 11.1, 11.2, 11.3, 11.4\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB24\",\"label\":\"Security Software\"}}]", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.9, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-06-23T16:48:21", "type": "ibm", "title": "Security Bulletin: IBM Security Guardium is affected by an information leak vulnerability within Kafka (CVE-2021-38153)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-38153"], "modified": "2022-06-23T16:48:21", "id": "0071D7109D190F08AF61415C42966955F5A2F20ACA252B48C89119BEDBFE4DE2", "href": "https://www.ibm.com/support/pages/node/6597973", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-08-04T12:40:49", "description": "## Summary\n\nA vulnerability in Kafka that is used by IBM InfoSphere Information Server is addressed.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-38153](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38153>) \n** DESCRIPTION: **Apache Kafka could allow a remote attacker to obtain sensitive information, caused by a timing attack flaw due to the use of \"Arrays.equals\" to validate a password or key. By utilizing brute-force attack techniques, an attacker could exploit this vulnerability to obtain credentials information, and use this information to launch further attacks against the affected system. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/209762](<https://exchange.xforce.ibmcloud.com/vulnerabilities/209762>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nInfoSphere Information Server, Information Server on Cloud| 11.7 \n \n\n\n## Remediation/Fixes\n\n**Product** | **VRMF**| **APAR**| **Remediation** \n---|---|---|--- \nInfoSphere Information Server, InfoSphere Information Server on Cloud| 11.7| [JR64703](<http://www.ibm.com/support/docview.wss?uid=swg1JR64703> \"JR64703\" )| \\--Apply IBM InfoSphere Information Server version [11.7.1.0](<https://www.ibm.com/support/pages/node/878310>) \n\\--Apply IBM InfoSphere Information Server version [11.7.1.3](<https://www.ibm.com/support/pages/node/6498109> \"11.7.1.3\" ) \n\\--Apply Information Server [11.7.1.3 Service pack 4](<https://www.ibm.com/support/pages/node/6568469> \"11.7.1.3 Service pack 4\" ) \n \n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\n27 Apr 2022: Initial Publication\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Product\":{\"code\":\"SSZJPZ\",\"label\":\"InfoSphere Information Server\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF033\",\"label\":\"Windows\"},{\"code\":\"PF002\",\"label\":\"AIX\"},{\"code\":\"PF016\",\"label\":\"Linux\"}],\"Version\":\"11.7\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB10\",\"label\":\"Data and AI\"}}]", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.9, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-04-27T23:08:14", "type": "ibm", "title": "Security Bulletin: A vulnerability in Kafka affects IBM InfoSphere Information Server (CVE-2021-38153)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-38153"], "modified": "2022-04-27T23:08:14", "id": "777EB533D5BEA1C32E0486E7AE4845B84A52FBB7EBCDEB8E44BAF79F3C9EEAC6", "href": "https://www.ibm.com/support/pages/node/6575545", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-08-04T12:49:35", "description": "## Summary\n\nIBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of jsoup.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-37714](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37714>) \n** DESCRIPTION: **jsoup is vulnerable to a denial of service, caused by improper input validation. By sending a specially-crafted input, a remote attacker could exploit this vulnerability to cause the HTML and XML parser to get stuck, timeout, or throw unchecked exceptions resulting in a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/207858](<https://exchange.xforce.ibmcloud.com/vulnerabilities/207858>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nWatson Discovery| 4.0.0 \nWatson Discovery| 2.0.0-2.2.1 \n \n\n\n## Remediation/Fixes\n\nUpgrade to IBM Watson Discovery 4.0.2 \n\nUpgrade to IBM Watson Discovery 2.2.1 and apply cpd-watson-discovery-2.2.1-patch-4\n\n<https://cloud.ibm.com/docs/discovery-data?topic=discovery-data-install>\n\n<https://www.ibm.com/support/pages/available-patches-watson-discovery-ibm-cloud-pak-data>\n\n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\n15 Sep 2021: Initial Publication\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU053\",\"label\":\"Cloud \\u0026 Data Platform\"},\"Product\":{\"code\":\"SSCLA6\",\"label\":\"Watson Discovery\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF040\",\"label\":\"RedHat OpenShift\"}],\"Version\":\"4.0.0, 2.0.0-2.2.1\",\"Edition\":\"\"}]", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-10-01T06:23:13", "type": "ibm", "title": "Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in jsoup", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-37714"], "modified": "2021-10-01T06:23:13", "id": "52F1AA440EAF2E0C6FDFA61BD566BC1EDE644CA8D2298715354061284841EC5E", "href": "https://www.ibm.com/support/pages/node/6492219", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-08-04T12:48:09", "description": "## Summary\n\nIBM C\u00faram Social Program Management uses the jsoup libraries, for which there is a publicly known vulnerability. For this vulnerability jsoup is susceptible to a denial of service attack, caused by improper input validation.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-37714](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37714>) \n** DESCRIPTION: **jsoup is vulnerable to a denial of service, caused by improper input validation. By sending a specially-crafted input, a remote attacker could exploit this vulnerability to cause the HTML and XML parser to get stuck, timeout, or throw unchecked exceptions resulting in a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/207858](<https://exchange.xforce.ibmcloud.com/vulnerabilities/207858>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nCuram SPM| 8.0.0 \nCuram SPM| 7.0.11 \n \n\n\n## Remediation/Fixes\n\n_Product_| _VRMF_| _Remediation/First Fix_ \n---|---|--- \nC\u00faram SPM| \n\n8.0.1\n\n| Visit IBM Fix Central and upgrade to [8.0.1](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=Smarter%20Cities&product=ibm/Other+software/Curam+Social+Program+Management&release=8.0.1.0&platform=All&function=all> \"8.0.1\" ) or a subsequent 8.0.1 release. \nC\u00faram SPM| \n\n7.0.11\n\n| Visit IBM Fix Central and upgrade to [7.0.11_iFix6](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=Smarter%20Cities&product=ibm/Other+software/Curam+Social+Program+Management&release=7.0.11.0_RP&platform=All&function=all> \"7.0.11_iFix6\" ) or a subsequent 7.0.11 release. \n \n## Workarounds and Mitigations\n\nFor information about all other versions, contact IBM C\u00faram Social Program Management customer support.\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\n25 Nov 2021: Initial Publication\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU014\",\"label\":\"Watson Health\"},\"Product\":{\"code\":\"SS8S5A\",\"label\":\"C&#250;ram Social Program Management\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF002\",\"label\":\"AIX\"},{\"code\":\"PF010\",\"label\":\"HP-UX\"},{\"code\":\"PF016\",\"label\":\"Linux\"},{\"code\":\"PF027\",\"label\":\"Solaris\"},{\"code\":\"PF033\",\"label\":\"Windows\"},{\"code\":\"PF035\",\"label\":\"z\\/OS\"}],\"Version\":\"All\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB47\",\"label\":\"Health\"}}]", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-11-25T16:13:13", "type": "ibm", "title": "Security Bulletin: Vulnerability in jsoup may affect C\u00faram Social Program Management (CVE-2021-37714)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-37714"], "modified": "2021-11-25T16:13:13", "id": "C53E4A17B59FE138EBACA71C399669AC512D80E0D95F4A2578B807A669FCED81", "href": "https://www.ibm.com/support/pages/node/6519468", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-08-04T12:47:50", "description": "## Summary\n\nA vulnerabilitiy exists in jsoup used by the desktop version of IBM Process Designer. IBM Process Designer has addressed the applicable CVE.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-37714](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37714>) \n** DESCRIPTION: **jsoup is vulnerable to a denial of service, caused by improper input validation. By sending a specially-crafted input, a remote attacker could exploit this vulnerability to cause the HTML and XML parser to get stuck, timeout, or throw unchecked exceptions resulting in a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/207858](<https://exchange.xforce.ibmcloud.com/vulnerabilities/207858>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Business Automation Workflow| 18.0.0.0 - 21.0.2 \nIBM BPM Process Designer| 8.6-8.6 CF2018.03 \nIBM BPM Process Designer| 8.5.0-8.5.7 2017.06 \n \n## Remediation/Fixes\n\nInstall interim fix JR64213 for your version:\n\n * [IBM Business Automation Workflow 21.0.0.2](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EWebSphere&product=ibm/WebSphere/IBM+Business+Automation+Workflow&release=All&platform=All&function=fixId&fixids=8.6.20021020-WS-BPMPCPD-IFJR64213&includeSupersedes=0&source=fc>)\n * [IBM Business Automation Workflow 20.0.0.2](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EWebSphere&product=ibm/WebSphere/IBM+Business+Automation+Workflow&release=All&platform=All&function=fixId&fixids=8.6.20020002-WS-BPMPCPD-IFJR64213&includeSupersedes=0&source=fc>)\n * [IBM Business Automation Workflow 19.0.0.3](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EWebSphere&product=ibm/WebSphere/IBM+Business+Automation+Workflow&release=All&platform=All&function=fixId&fixids=8.6.10019003-WS-BPMPCPD-IFJR64213&includeSupersedes=0&source=fc>)\n * [IBM Business Process Manager 8.6.0.0 CF2018.03](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EWebSphere&product=ibm/WebSphere/IBM+Business+Automation+Workflow&release=All&platform=All&function=fixId&fixids=8.6.0.201803-WS-BPMPCPD-IFJR64213&includeSupersedes=0&source=fc>)\n * [IBM Business Process Manager Advanced 8.5.7 CF2017.06](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EWebSphere&product=ibm/WebSphere/IBM+Business+Process+Manager+Advanced&release=All&platform=All&function=fixId&fixids=8.5.7.201706-WS-BPMPCPD-IFJR64213&includeSupersedes=0&source=fc>)\n * [IBM Business Process Manager Standard 8.5.7 CF2017.06](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EWebSphere&product=ibm/WebSphere/IBM+Business+Process+Manager+Standard&release=All&platform=All&function=fixId&fixids=8.5.7.201706-WS-BPMPCPD-IFJR64213&includeSupersedes=0&source=fc>)\n * [IBM Business Process Manager Express 8.5.7 CF2017.06](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EWebSphere&product=ibm/WebSphere/IBM+Business+Process+Manager+Express&release=All&platform=All&function=fixId&fixids=8.5.7.201706-WS-BPMPCPD-IFJR64213&includeSupersedes=0&source=fc>)\n\n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Acknowledgement\n\n## Change History\n\n06 Dec 2021: Initial Publication\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Product\":{\"code\":\"SS3PUM\",\"label\":\"IBM Business Process Manager\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF002\",\"label\":\"AIX\"},{\"code\":\"PF016\",\"label\":\"Linux\"},{\"code\":\"PF033\",\"label\":\"Windows\"}],\"Version\":\"8.6.0.0 CF2018.03\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB45\",\"label\":\"Automation\"}},{\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Product\":{\"code\":\"SSFTN5\",\"label\":\"IBM Business Process Manager Advanced\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF002\",\"label\":\"AIX\"},{\"code\":\"PF016\",\"label\":\"Linux\"},{\"code\":\"PF033\",\"label\":\"Windows\"}],\"Version\":\"8.6, 8.5.7.CF2017.06, 8.5.7.CF2017.03, 8.5.7.CF2016.12, 8.5.7.CF2016.09, 8.5.7.CF2016.06, 8.5.7, 8.5.6.2, 8.5.6.1, 8.5.6, 8.5.5\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB45\",\"label\":\"Automation\"}},{\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Product\":{\"code\":\"SSFTDH\",\"label\":\"IBM Business Process Manager Standard\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF002\",\"label\":\"AIX\"},{\"code\":\"PF016\",\"label\":\"Linux\"},{\"code\":\"PF033\",\"label\":\"Windows\"}],\"Version\":\"8.5.7.CF2017.06, 8.5.7.CF2017.03, 8.5.7.CF2016.12, 8.5.7.CF2016.09, 8.5.7.CF2016.06, 8.5.7, 8.5.6.2, 8.5.6.1, 8.5.6, 8.5.5\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB45\",\"label\":\"Automation\"}},{\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Product\":{\"code\":\"SSFTBX\",\"label\":\"IBM Business Process Manager Express\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF002\",\"label\":\"AIX\"},{\"code\":\"PF016\",\"label\":\"Linux\"},{\"code\":\"PF033\",\"label\":\"Windows\"}],\"Version\":\"8.6, 8.5.7.CF2017.06, 8.5.7.CF2017.03, 8.5.7.CF2016.12, 8.5.7.CF2016.09, 8.5.7.CF2016.06, 8.5.7, 8.5.6.2, 8.5.6.1, 8.5.6, 8.5.5\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB45\",\"label\":\"Automation\"}},{\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Product\":{\"code\":\"SS8JB4\",\"label\":\"IBM Business Automation Workflow\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF002\",\"label\":\"AIX\"},{\"code\":\"PF016\",\"label\":\"Linux\"},{\"code\":\"PF033\",\"label\":\"Windows\"}],\"Version\":\"18.0.0.1, 18.0.0.2, 19.0.0.1, 19.0.0.2, 19.0.0.3, 20.0.0.1, 20.0.0.2, 21.0.1, 21.0.2\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB45\",\"label\":\"Automation\"}}]", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-12-07T01:30:24", "type": "ibm", "title": "Security Bulletin: A CVE-2021-37714 vulnerability in jsoup affects IBM Process Designer in IBM Business Automation Workflow and IBM Business Process Manager", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-37714"], "modified": "2021-12-07T01:30:24", "id": "71AE0D5024D39B08B24A7182D24ED9015A9DA203851A438D5EF30F80E1A05C50", "href": "https://www.ibm.com/support/pages/node/6523988", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-06-28T22:02:51", "description": "## Summary\n\nIBM Security Guardium has fixed this vulnerability.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-37714](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37714>) \n** DESCRIPTION: **jsoup is vulnerable to a denial of service, caused by improper input validation. By sending a specially-crafted input, a remote attacker could exploit this vulnerability to cause the HTML and XML parser to get stuck, timeout, or throw unchecked exceptions resulting in a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/207858](<https://exchange.xforce.ibmcloud.com/vulnerabilities/207858>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\n**Affected Product(s)**| **Version(s)** \n---|--- \nIBM Security Guardium| 11.0 \nIBM Security Guardium| 11.1 \nIBM Security Guardium| 11.3 \nIBM Security Guardium| 11.4 \n \n## Remediation/Fixes\n\nIBM encourages customers to update their systems promptly.\n\n** Product**| **Versions**| ** Fix** \n---|---|--- \nIBM Security Guardium| 11.0| [http://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Security&product=ibm/Information+Management/InfoSphere+Guardium&release=11.0&platform=Linux&function=fixId&fixids=SqlGuard_11.0p45_Bundle_May-03-2022&includeSupersedes=0&source=fc](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Security&product=ibm/Information+Management/InfoSphere+Guardium&release=11.0&platform=Linux&function=fixId&fixids=SqlGuard_11.0p45_Bundle_May-03-2022&includeSupersedes=0&source=fc>) \nIBM Security Guardium| 11.1| [http://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Security&product=ibm/Information+Management/InfoSphere+Guardium&release=11.0&platform=Linux&function=fixId&fixids=SqlGuard_11.0p160_Bundle_Mar-23-2022&includeSupersedes=0&source=fc](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Security&product=ibm/Information+Management/InfoSphere+Guardium&release=11.0&platform=Linux&function=fixId&fixids=SqlGuard_11.0p160_Bundle_Mar-23-2022&includeSupersedes=0&source=fc>) \nIBM Security Guardium| 11.3| [http://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Security&product=ibm/Information+Management/InfoSphere+Guardium&release=11.0&platform=Linux&function=fixId&fixids=SqlGuard_11.0p360_Bundle_Mar-24-2022&includeSupersedes=0&source=fc](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Security&product=ibm/Information+Management/InfoSphere+Guardium&release=11.0&platform=Linux&function=fixId&fixids=SqlGuard_11.0p360_Bundle_Mar-24-2022&includeSupersedes=0&source=fc>) \nIBM Security Guardium| 11.4| [http://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Security&product=ibm/Information+Management/InfoSphere+Guardium&release=11.0&platform=Linux&function=fixId&fixids=SqlGuard_11.0p430_Bundle_Apr-28-2022&includeSupersedes=0&source=fc](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Security&product=ibm/Information+Management/InfoSphere+Guardium&release=11.0&platform=Linux&function=fixId&fixids=SqlGuard_11.0p430_Bundle_Apr-28-2022&includeSupersedes=0&source=fc>) \n \n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Acknowledgement\n\nJohn Zuccato, Rodney Ryan, Chris Shepherd, Nathan Roane, Vince Dragnea, Troy Fisher, Gabor Minyo, Geoffrey Owden, and Ben Goodspeed from the IBM X-Force Ethical Hacking Team.\n\n## Change History\n\n18 Apr 2022: Initial Publication \n11 May 2022: Second Publication\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Product\":{\"code\":\"SSMPHH\",\"label\":\"IBM Security Guardium\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF016\",\"label\":\"Linux\"}],\"Version\":\"11.0, 11.1, 11.3, 11.4\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB24\",\"label\":\"Security Software\"}}]", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-05-11T16:25:11", "type": "ibm", "title": "Security Bulletin: IBM Security Guardium is affected by a jsoup vulnerability (CVE-2021-37714)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-37714"], "modified": "2022-05-11T16:25:11", "id": "2641B803CC5B6F698F27A4349942ABEEE0A931F1864DAEF1CB72FDFD279085E2", "href": "https://www.ibm.com/support/pages/node/6573003", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-08-04T12:37:28", "description": "## Summary\n\nThere is a vulnerability in the Fabric8 Kubernetes client. The library is used by IBM Event Streams.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-4178](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4178>) \n** DESCRIPTION: **Fabric8 Kubernetes client could allow a local authenticated attacker to execute arbitrary code on the system, caused by an unsafe deserialization due to improperly configured YAML parsing. By using a specially-crafted YAML file, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 6.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/222690](<https://exchange.xforce.ibmcloud.com/vulnerabilities/222690>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Event Streams| \n\n10.4.0, 10.5.0, 11.0.0 \n \n \n\n\n## Remediation/Fixes\n\nIBM strongly recommends addressing the vulnerability now by upgrading \n\n**IBM Event Streams (Continuous Delivery)**\n\n * Upgrade to IBM Event Streams 11.0.1 by following the [upgrading and migrating](<https://ibm.github.io/event-streams/installing/upgrading/>) documentation.\n\n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\n15 June 2022: Initial Publication\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Product\":{\"code\":\"SSFHBB\",\"label\":\"IBM Event Streams\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF016\",\"label\":\"Linux\"},{\"code\":\"PF051\",\"label\":\"Linux on IBM Z Systems\"}],\"Version\":\"10.4.0, 10.5.0, 11.0.0\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB45\",\"label\":\"Automation\"}}]", "cvss3": {}, "published": "2022-07-05T11:14:46", "type": "ibm", "title": "Security Bulletin: IBM Event Streams is vulnerable to arbitrary code execution due to the Fabric8 Kubernetes client (CVE-2021-4178)", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2021-4178"], "modified": "2022-07-05T11:14:46", "id": "70F75E7524B1704D6EBDE338C1A5FB98016CEEF82A02C5FBED49E65AC60CF084", "href": "https://www.ibm.com/support/pages/node/6601275", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-08-04T12:38:25", "description": "## Summary\n\nApache Kafka as used by IBM QRadar SIEM is vulnerable to information disclosure. IBM has addressed the relevant CVEs.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-38153](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38153>) \n** DESCRIPTION: **Apache Kafka could allow a remote attacker to obtain sensitive information, caused by a timing attack flaw due to the use of \"Arrays.equals\" to validate a password or key. By utilizing brute-force attack techniques, an attacker could exploit this vulnerability to obtain credentials information, and use this information to launch further attacks against the affected system. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/209762](<https://exchange.xforce.ibmcloud.com/vulnerabilities/209762>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2018-17196](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17196>) \n** DESCRIPTION: **Apache Kafka could allow a remote authenticated attacker to bypass security restrictions, caused by improper input validation. By sending a specially-crafted Produce request, an attacker could exploit this vulnerability to bypass transaction/idempotent ACL validation. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/163622](<https://exchange.xforce.ibmcloud.com/vulnerabilities/163622>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N)\n\n## Affected Products and Versions\n\n**Affected Product(s)**| **Version(s)** \n---|--- \nIBM QRadar SIEM v7.3| All ApacheKafka versions before **7.3.0-QRADAR-PROTOCOL-ApacheKafka-7.3-20220429171209** \nIBM QRadar SIEM v7.4| All ApacheKafka versions before **7.4.0-QRADAR-PROTOCOL-ApacheKafka-7.4-20220429171217** \nIBM QRadar SIEM v7.5| All ApacheKafka versions before **7.5.0-QRADAR-PROTOCOL-ApacheKafka-7.5-20220429171113** \n \n \n\n\n## Remediation/Fixes\n\nIBM encourages customers to update their systems promptly. \n\nSee the **Related Information** section below for instructions on verifying your currently installed version.\n\n**Product**| **Versions**| **Fix** \n---|---|--- \nIBM QRadar SIEM| 7.3| [**7.3.0-QRADAR-PROTOCOL-ApacheKafka-7.3-20220429171209**](<https://www.ibm.com/support/fixcentral/swg/downloadFixes?parent=IBM%20Security&product=ibm/Other+software/IBM+Security+QRadar+SIEM&release=All&platform=Linux&function=fixId&fixids=7.3.0-QRADAR-PROTOCOL-ApacheKafka-7.3-20220429171209.noarch.rpm&includeRequisites=1&includeSupersedes=0&downloadMethod=http> \"7.3.0-QRADAR-PROTOCOL-ApacheKafka-7.3-20220429171209\" ) \nIBM QRadar SIEM| 7.4| [**7.4.0-QRADAR-PROTOCOL-ApacheKafka-7.4-20220429171217**](<https://www.ibm.com/support/fixcentral/swg/downloadFixes?parent=IBM%20Security&product=ibm/Other+software/IBM+Security+QRadar+SIEM&release=All&platform=Linux&function=fixId&fixids=7.4.0-QRADAR-PROTOCOL-ApacheKafka-7.4-20220429171217.noarch.rpm&includeRequisites=1&includeSupersedes=0&downloadMethod=http> \"7.4.0-QRADAR-PROTOCOL-ApacheKafka-7.4-20220429171217\" ) \nIBM QRadar SIEM| 7.5| [**7.5.0-QRADAR-PROTOCOL-ApacheKafka-7.5-20220429171113**](<https://www.ibm.com/support/fixcentral/swg/downloadFixes?parent=IBM%20Security&product=ibm/Other+software/IBM+Security+QRadar+SIEM&release=All&platform=Linux&function=fixId&fixids=7.5.0-QRADAR-PROTOCOL-ApacheKafka-7.5-20220429171113.noarch.rpm&includeRequisites=1&includeSupersedes=0&downloadMethod=http> \"7.5.0-QRADAR-PROTOCOL-ApacheKafka-7.5-20220429171113\" ) \n \n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\nThese files were released as part of the 06 June 2022 auto update bundle. Administrators can confirm the protocol version installed on the Console from the **Auto Update** interface on the Admin tab or using `yum info Protocol-ApacheKafka `from the command-line interface to confirm the latest version is installed. \n\nFor example:\n \n \n [root@examplehost]# yum info Protocol-ApacheKafka\n Loaded plugins: product-id, search-disabled-repos\n Installed Packages\n Name : PROTOCOL-ApacheKafka\n Arch : noarch\n Version : 7.4\n Release : 20191218165336\n Size : 7.0 M\n Repo : installed\n From repo : /PROTOCOL-ApacheKafka-7.4-20191218165336.noarch\n Summary : PROTOCOL @rpm.description@ Install\n License : Proprietary.\n Description : This program installs a @rpm.description@ PROTOCOL plugin.\n \n\n## Change History\n\n07 Jun 2022: Initial Publication\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Product\":{\"code\":\"SSBQAC\",\"label\":\"IBM QRadar SIEM\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF016\",\"label\":\"Linux\"}],\"Version\":\"7.3, 7.4, 7.5\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB24\",\"label\":\"Security Software\"}}]", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-06-16T18:06:23", "type": "ibm", "title": "Security Bulletin: Apache Kafka as used by IBM QRadar SIEM is vulnerable to information disclosure (CVE-2021-38153, CVE-2018-17196)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-17196", "CVE-2021-38153"], "modified": "2022-06-16T18:06:23", "id": "6473C7788923283F01B09B56E980E6BA387FEBB5AD805CB7A0466F8AB7CF3F52", "href": "https://www.ibm.com/support/pages/node/6595739", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2022-08-04T12:46:04", "description": "## Summary\n\nThe vulnerabilities in Apache Kafka could allow a remote attacker to obtain sensitive information and the vulnerabilities in NGINX could provide weaker than expected security, caused by an ALPACA (application layer protocol content confusion) attack, which exploits TLS servers implementing different protocols but using compatible certificates.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-38153](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38153>) \n** DESCRIPTION: **Apache Kafka could allow a remote attacker to obtain sensitive information, caused by a timing attack flaw due to the use of \"Arrays.equals\" to validate a password or key. By utilizing brute-force attack techniques, an attacker could exploit this vulnerability to obtain credentials information, and use this information to launch further attacks against the affected system. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/209762](<https://exchange.xforce.ibmcloud.com/vulnerabilities/209762>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2021-3618](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3618>) \n** DESCRIPTION: **Sendmail, vsftpd and NGINX could provide weaker than expected security, caused by an ALPACA (application layer protocol content confusion) attack, which exploits TLS servers implementing different protocols but using compatible certificates. By using man-in the-middle attack techniques, a remote attacker with access to victim's traffic at the TCP/IP layer could redirect traffic from one subdomain to another, resulting in a valid TLS session. The session breaks the authentication of TLS and the packages become vulnerable to cross-protocol attacks. \nCVSS Base score: 7.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/207761](<https://exchange.xforce.ibmcloud.com/vulnerabilities/207761>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nSpectrum Discover| 2.0.3 \nSpectrum Discover| 2.0.3.1 \nSpectrum Discover| 2.0.3.2 \nSpectrum Discover| 2.0.3.3 \nSpectrum Discover| 2.0.3.4 \nSpectrum Discover| 2.0.3.5 \nSpectrum Discover| 2.0.3.6 \nSpectrum Discover| 2.0.3.7 \nSpectrum Discover| 2.0.4 \nSpectrum Discover| 2.0.4.1 \nSpectrum Discover| 2.0.4.2 \nSpectrum Discover| 2.0.4.3 \nSpectrum Discover| 2.0.4.4 \n \n\n\n## Remediation/Fixes\n\nInstalled versions of Spectrum Discover (2.0.3, 2.0.3.1, 2.0.3.2, 2.0.3.3, 2.0.3.4, 2.0.3.5, 2.0.3.6, 2.0.4, 2.0.4.1, 2.0.4.2, 2.0.4.3) can be upgraded to fixed version using the [IBM Spectrum Discover 2.0.3.7 upgrader](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FStorageSoftware%2FIBM+Spectrum+Discover&fixids=Storage_isd-upgrader-2.0.3.7&source=SAR> \"IBM Spectrum Discover 2.0.3.7 upgrader\" ) and [IBM Spectrum Discover 2.0.4.4 upgrader.](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FStorageSoftware%2FIBM+Spectrum+Discover&fixids=Storage_isd-upgrader-2.0.4.4&source=SAR> \"IBM Spectrum Discover 2.0.4.4 upgrader.\" )\n\n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\n26 Nov 2021: Initial Publication \n08 Nov 2022: Publication\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU058\",\"label\":\"IBM Infrastructure w\\/TPS\"},\"Product\":{\"code\":\"SSY8AC\",\"label\":\"IBM Spectrum Discover\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF032\",\"label\":\"VM\"}],\"Version\":\"2.0.3.7,2.0.4.4\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB26\",\"label\":\"Storage\"}}]", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.4, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2022-01-08T17:15:54", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in Apache Kafka and NGINX affect IBM Spectrum Discover", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-3618", "CVE-2021-38153"], "modified": "2022-01-08T17:15:54", "id": "E34369A48BDB40E3444EB1830AC8F91409460E39F5F36FFA5CED77D91880982A", "href": "https://www.ibm.com/support/pages/node/6539222", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2022-06-28T21:57:26", "description": "## Summary\n\nIBM Security Guardium has fixed these vulnerabilities.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-38153](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38153>) \n** DESCRIPTION: **Apache Kafka could allow a remote attacker to obtain sensitive information, caused by a timing attack flaw due to the use of \"Arrays.equals\" to validate a password or key. By utilizing brute-force attack techniques, an attacker could exploit this vulnerability to obtain credentials information, and use this information to launch further attacks against the affected system. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/209762](<https://exchange.xforce.ibmcloud.com/vulnerabilities/209762>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2021-3712](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3712>) \n** DESCRIPTION: **OpenSSL could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read when processing ASN.1 strings. By sending specially crafted data, an attacker could exploit this vulnerability to read contents of memory on the system or perform a denial of service attack. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/208073](<https://exchange.xforce.ibmcloud.com/vulnerabilities/208073>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L) \n \n** CVEID: **[CVE-2021-23222](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23222>) \n** DESCRIPTION: **PostgreSQL is vulnerable to a man-in-the-middle attack, caused by improper validation of user-supplied input by libpq. A remote attacker could exploit this vulnerability to launch a man-in-the-middle attack to inject false responses to the client's first few queries, despite the use of SSL certificate verification and encryption. \nCVSS Base score: 3.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/218383](<https://exchange.xforce.ibmcloud.com/vulnerabilities/218383>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2021-3677](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3677>) \n** DESCRIPTION: **Postgresql could allow a remote authenticated attacker to obtain sensitive information, caused by the memory disclosure in certain queries. By sending a specially-crafted query, an attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/221070](<https://exchange.xforce.ibmcloud.com/vulnerabilities/221070>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)\n\n## Affected Products and Versions\n\n**Affected Product(s)**| **Version(s)** \n---|--- \nIBM Security Guardium| 11.0 \nIBM Security Guardium| 11.3 \nIBM Security Guardium| 11.4 \n \n## Remediation/Fixes\n\nIBM encourages customers to update their systems promptly.\n\n** Product**| **Versions**| ** Fix** \n---|---|--- \nIBM Security Guardium| 11.0| [http://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Security&product=ibm/Information+Management/InfoSphere+Guardium&release=11.0&platform=Linux&function=fixId&fixids=SqlGuard_11.0p45_Bundle_May-03-2022&includeSupersedes=0&source=fc](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Security&product=ibm/Information+Management/InfoSphere+Guardium&release=11.0&platform=Linux&function=fixId&fixids=SqlGuard_11.0p45_Bundle_May-03-2022&includeSupersedes=0&source=fc>) \nIBM Security Guardium| 11.3| [http://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Security&product=ibm/Information+Management/InfoSphere+Guardium&release=11.0&platform=Linux&function=fixId&fixids=SqlGuard_11.0p360_Bundle_Mar-24-2022&includeSupersedes=0&source=fc](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Security&product=ibm/Information+Management/InfoSphere+Guardium&release=11.0&platform=Linux&function=fixId&fixids=SqlGuard_11.0p360_Bundle_Mar-24-2022&includeSupersedes=0&source=fc>) \nIBM Security Guardium| 11.4| [http://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Security&product=ibm/Information+Management/InfoSphere+Guardium&release=11.0&platform=Linux&function=fixId&fixids=SqlGuard_11.0p430_Bundle_Apr-28-2022&includeSupersedes=0&source=fc](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Security&product=ibm/Information+Management/InfoSphere+Guardium&release=11.0&platform=Linux&function=fixId&fixids=SqlGuard_11.0p430_Bundle_Apr-28-2022&includeSupersedes=0&source=fc>) \n \n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Acknowledgement\n\n## Change History\n\n18 Apr 2022: Initial Publication \n12 May 22: Second Publication\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Product\":{\"code\":\"SSMPHH\",\"label\":\"IBM Security Guardium\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF016\",\"label\":\"Linux\"}],\"Version\":\"11.0, 11.3, 11.4\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB24\",\"label\":\"Security Software\"}}]", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.4, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2022-05-12T17:48:54", "type": "ibm", "title": "Security Bulletin: IBM Security Guardium is affected by multiple vulnerabilities", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23222", "CVE-2021-3677", "CVE-2021-3712", "CVE-2021-38153"], "modified": "2022-05-12T17:48:54", "id": "968F76B061F639B6B747F38EA0B563E31C681273189E02F178403D72D7E18BAF", "href": "https://www.ibm.com/support/pages/node/6572989", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2022-07-27T22:05:49", "description": "## Summary\n\nIBM Cloud Transformation Advisor has addressed multiple security vulnerabilities including those in Node.js, Java SE and various other libraries.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2022-33879](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-33879>) \n** DESCRIPTION: **Apache Tika is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw in the StandardsExtractingContentHandler function. By sending a specially-crafted regex input, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/229881](<https://exchange.xforce.ibmcloud.com/vulnerabilities/229881>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2022-30973](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30973>) \n** DESCRIPTION: **Apache Tika is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw in the StandardsText class in the StandardsExtractingContentHandler. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/227638](<https://exchange.xforce.ibmcloud.com/vulnerabilities/227638>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2019-16869](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16869>) \n** DESCRIPTION: **Netty is vulnerable to HTTP request smuggling, caused by a flaw when handling unusual whitespaces before the colon in HTTP headers. By sending a specially-crafted request, an attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/167672](<https://exchange.xforce.ibmcloud.com/vulnerabilities/167672>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2019-20444](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20444>) \n** DESCRIPTION: **Netty is vulnerable to HTTP request smuggling, caused by a flaw in the HttpObjectDecoder.java. By sending a specially-crafted request, an attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/175487](<https://exchange.xforce.ibmcloud.com/vulnerabilities/175487>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2019-20445](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20445>) \n** DESCRIPTION: **Netty could provide weaker than expected security, caused by non-proper handling of Content-Length and Transfer-Encoding in the HttpObjectDecoder.java. A remote attacker could exploit this vulnerability to launch further attacks on the system. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/175486](<https://exchange.xforce.ibmcloud.com/vulnerabilities/175486>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2021-21295](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21295>) \n** DESCRIPTION: **Netty is vulnerable to HTTP request smuggling, caused by improper validation of Content-Length header by the Http2MultiplexHandler. By sending specially crafted HTTP request headers, an attacker could exploit this vulnerability to poison a web-cache, perform an XSS attack, or obtain sensitive information from request. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/197999](<https://exchange.xforce.ibmcloud.com/vulnerabilities/197999>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2021-21409](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21409>) \n** DESCRIPTION: **Netty is vulnerable to request smuggling, caused by improper validation of request, caused by missing validation of content-length. By sending specially-crafted request, an attacker could exploit this vulnerability to poison a web-cache, perform an XSS attack, or obtain sensitive information from request. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/199150](<https://exchange.xforce.ibmcloud.com/vulnerabilities/199150>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2021-37136](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37136>) \n** DESCRIPTION: **Netty netty-codec is vulnerable to a denial of service, caused by not allow size restrictions for decompressed data in the Bzip2Decoder. By sending a specially-crafted input, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211777](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211777>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-37137](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37137>) \n** DESCRIPTION: **Netty netty-codec is vulnerable to a denial of service, caused by not restrict the chunk length in the SnappyFrameDecoder. By sending a specially-crafted input, a remote attacker could exploit this vulnerability to cause excessive memory usage, and results in a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211779](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211779>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-43797](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43797>) \n** DESCRIPTION: **Netty is vulnerable to HTTP request smuggling, caused by improper parsing of the HTTP transfer-encoding request header names. By sending a specially-crafted HTTP(S) transfer-encoding request header, an attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/215118](<https://exchange.xforce.ibmcloud.com/vulnerabilities/215118>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N) \n \n** CVEID: **[CVE-2020-29582](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29582>) \n** DESCRIPTION: **JetBrains Kotlin could allow a local authenticated attacker to obtain sensitive information, caused by an insecure permission flaw when creating temporary file and folder by the Java API. By gaining access to the temporary directory, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/196239](<https://exchange.xforce.ibmcloud.com/vulnerabilities/196239>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2022-24329](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24329>) \n** DESCRIPTION: **JetBrains Kotlin could provide weaker than expected security, caused by failing to lock dependencies for Multiplatform Gradle Projects. A remote attacker could exploit this vulnerability to launch further attacks on the system. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/220617](<https://exchange.xforce.ibmcloud.com/vulnerabilities/220617>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Cloud Transformation Advisor| 2.0.1 - 3.2.0 \n \n\n\n## Remediation/Fixes\n\nUpgrade to 3.2.1 or later. \n\nIBM Cloud Transformation Advisor can be installed from OperatorHub page in Red Hat OpenShift Container Platform or locally following this [link](<https://www.ibm.com/cloud/architecture/tutorials/install-ibm-transformation-advisor-local> \"link\" ).\n\n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\n27 Jul 2022: Initial Publication\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU053\",\"label\":\"Cloud \\u0026 Data Platform\"},\"Product\":{\"code\":\"SS5Q6W\",\"label\":\"IBM Cloud Transformation Advisor\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF016\",\"label\":\"Linux\"}],\"Version\":\"3.2\",\"Edition\":\"\"}]", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2022-07-27T15:42:43", "type": "ibm", "title": "Security Bulletin: IBM Cloud Transformation Advisor is vulnerable to multiple vulnerabilities", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-16869", "CVE-2019-20444", "CVE-2019-20445", "CVE-2020-29582", "CVE-2021-21295", "CVE-2021-21409", "CVE-2021-37136", "CVE-2021-37137", "CVE-2021-43797", "CVE-2022-24329", "CVE-2022-30973", "CVE-2022-33879"], "modified": "2022-07-27T15:42:43", "id": "BA2D0D9B1C88AA8F13B870348943574E037A169844D44BBF01DF458E3C5B564F", "href": "https://www.ibm.com/support/pages/node/6607599", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2022-07-27T22:04:43", "description": "## Summary\n\nApache-storm, used by IBM Tivoli Network Manager, contains many internal libraries which are vulnerable to various types of CVEs. Revealing sensitive information (CVE-2021-28169), bypassing ACL validations (CVE-2018-17196), heap based buffer overflow (CVE-2015-5237), denial of service (CVE-2016-4055, CVE-2018-10237), inject arbitrary java EL expressions (CVE-2020-11002), arbitrary code execution (CVE-2020-5245). Apache-storm has been upgraded to 2.4.0 and the affected libraries are upgraded to their corresponding latest version to address the issue.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-28169](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28169>) \n** DESCRIPTION: **Eclipse Jetty could allow a remote attacker to obtain sensitive information, caused by a flaw in the ConcatServlet. By sending a specially-crafted request using a doubly encoded path, an attacker could exploit this vulnerability to obtain sensitive information from protected resources within the WEB-INF directory, and use this information to launch further attacks against the affected system. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/203492](<https://exchange.xforce.ibmcloud.com/vulnerabilities/203492>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2018-17196](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17196>) \n** DESCRIPTION: **Apache Kafka could allow a remote authenticated attacker to bypass security restrictions, caused by improper input validation. By sending a specially-crafted Produce request, an attacker could exploit this vulnerability to bypass transaction/idempotent ACL validation. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/163622](<https://exchange.xforce.ibmcloud.com/vulnerabilities/163622>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2015-5237](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5237>) \n** DESCRIPTION: **Google Protocol Buffers could allow a remote attacker to execute arbitrary code on the system, caused by an integer overflow in MessageLite::SerializeToString. A remote attacker could exploit this vulnerability to execute arbitrary code on the vulnerable system or cause a denial of service. \nCVSS Base score: 6.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/105989](<https://exchange.xforce.ibmcloud.com/vulnerabilities/105989>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2020-13955](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13955>) \n** DESCRIPTION: **Apache Calcite is vulnerable to a man-in-the-middle attack, caused by disabled hostname verification for HTTPS connections in the HttpUtils#getURLConnection method. An attacker could exploit this vulnerability to launch a man-in-the-middle attack and gain access to the communication channel between endpoints to obtain sensitive information or further compromise the system. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/189598](<https://exchange.xforce.ibmcloud.com/vulnerabilities/189598>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2021-28170](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28170>) \n** DESCRIPTION: **Eclipse EE4J Jakarta Expression Language could allow a remote attacker to bypass security restrictions, caused by a flaw in the ELParserTokenManager module. By sending a specially-crafted request, an attacker could exploit this vulnerability to bypass input validation of EL expressions. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/202708](<https://exchange.xforce.ibmcloud.com/vulnerabilities/202708>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2016-4055](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4055>) \n** DESCRIPTION: **The Node.js moment module is vulnerable to a denial of service, caused by an error in the regular expression implementation. An attacker could exploit this vulnerability using a regular expression to cause the application to hang. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/112574](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112574>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2017-18214](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18214>) \n** DESCRIPTION: **Node.js moment module is vulnerable to a denial of service. A remote attacker could exploit this vulnerability to cause a low severity regular expression denial of service. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/135364](<https://exchange.xforce.ibmcloud.com/vulnerabilities/135364>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2018-10237](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10237>) \n** DESCRIPTION: **Google Guava is vulnerable to a denial of service, caused by improper eager allocation checks in the AtomicDoubleArray and CompoundOrdering class. By sending a specially-crafted data, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/142508](<https://exchange.xforce.ibmcloud.com/vulnerabilities/142508>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-8908](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8908>) \n** DESCRIPTION: **Guava could allow a remote authenticated attacker to bypass security restrictions, caused by a temp directory creation vulnerability in com.google.common.io.Files.createTempDir(). By sending a specially-crafted request, an attacker could exploit this vulnerability to bypass access restrictions. \nCVSS Base score: 5.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/192996](<https://exchange.xforce.ibmcloud.com/vulnerabilities/192996>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-11002](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11002>) \n** DESCRIPTION: **dropwizard-validation could allow a remote attacker to execute arbitrary code on the system, caused by a server-side template injection was identified in the self-validating feature. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/180592](<https://exchange.xforce.ibmcloud.com/vulnerabilities/180592>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-5245](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5245>) \n** DESCRIPTION: **Dropwizard-Validation could allow a remote authenticated attacker to execute arbitrary code on the system, caused by a flaw in the self-validating feature. By injecting arbitrary Java Expression Language expressions, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/176984](<https://exchange.xforce.ibmcloud.com/vulnerabilities/176984>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nITNM| 4.2.0.x \n \n\n\n## Remediation/Fixes\n\nThis issue has been fixed in ITNM4.2 Fix Pack 15 (i.e. 4.2.0.15) available from fix central and IBM strongly recommends addressing the vulnerability now by upgrading to Fix Pack 15 . \n\nITNM Full builds\n\n[4.2.0-TIV-ITNMIP-Linux-FP0015](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FTivoli%2FTivoli+Network+Manager+IP+Edition&fixids=4.2.0-TIV-ITNMIP-Linux-FP0015&source=SAR> \"4.2.0-TIV-ITNMIP-Linux-FP0015\" )\n\n[4.2.0-TIV-ITNMIP-zLinux-FP0015](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FTivoli%2FTivoli+Network+Manager+IP+Edition&fixids=4.2.0-TIV-ITNMIP-zLinux-FP0015&source=SAR> \"4.2.0-TIV-ITNMIP-zLinux-FP0015\" )\n\n[4.2.0-TIV-ITNMIP-AIX-FP0015](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FTivoli%2FTivoli+Network+Manager+IP+Edition&fixids=4.2.0-TIV-ITNMIP-AIX-FP0015&source=SAR> \"4.2.0-TIV-ITNMIP-AIX-FP0015\" )\n\n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\n04 Jul 2022: Initial Publication\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Product\":{\"code\":\"SSSHRK\",\"label\":\"Tivoli Network Manager IP Edition\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF002\",\"label\":\"AIX\"},{\"code\":\"PF016\",\"label\":\"Linux\"},{\"code\":\"PF051\",\"label\":\"Linux on IBM Z Systems\"}],\"Version\":\"4.2.0\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB45\",\"label\":\"Automation\"}}]", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-07-21T04:32:57", "type": "ibm", "title": "Security Bulletin: There are multiple security vulnerabilities in Apache Storm used by IBM Tivoli Netcool Manager.", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-5237", "CVE-2016-4055", "CVE-2017-18214", "CVE-2018-10237", "CVE-2018-17196", "CVE-2020-11002", "CVE-2020-13955", "CVE-2020-5245", "CVE-2020-8908", "CVE-2021-28169", "CVE-2021-28170"], "modified": "2022-07-21T04:32:57", "id": "EDFA9D5968081EDE399774767050C178F730BD070533CFA73DE5F24F7E8E7A52", "href": "https://www.ibm.com/support/pages/node/6606205", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2022-06-28T22:06:30", "description": "## Summary\n\nIBM Cloud Transformation Advisor has addressed multiple security vulnerabilities including those in Node.js, swagger, jQuery, Netty, Apache commons, validator.js, Chalk ansi-regex, Json-schema, Java SE and IBM WebSphere Application Server Liberty.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-44531](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44531>) \n** DESCRIPTION: **Node.js could allow a remote attacker to bypass security restrictions, caused by the improper handling of URI Subject Alternative Name (SAN) types. An attacker could exploit this vulnerability to bypass name-constrained intermediates. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/216930](<https://exchange.xforce.ibmcloud.com/vulnerabilities/216930>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2022-22310](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22310>) \n** DESCRIPTION: **IBM WebSphere Application Server Liberty 21.0.0.10 through 21.0.0.12 could provide weaker than expected security. A remote attacker could exploit this weakness to obtain sensitive information and gain unauthorized access to JAX-WS applications. IBM X-Force ID: 217224. \nCVSS Base score: 4.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217224](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217224>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2018-25031](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25031>) \n** DESCRIPTION: **swagger-ui could allow a remote attacker to conduct spoofing attacks. By persuading a victim to open a specially-crafted URL, an attacker could exploit this vulnerability to display remote OpenAPI definitions. \nCVSS Base score: 5.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217346](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217346>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2021-46708](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46708>) \n** DESCRIPTION: **npm swagger-ui-dist could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217359](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217359>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2022-21824](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21824>) \n** DESCRIPTION: **Node.js could provide weaker than expected security, caused by an error related to the formatting logic of the console.table() function. An attacker could exploit this vulnerability using console.table properties to allow an empty string to be assigned to numerical keys of the object prototype. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/216933](<https://exchange.xforce.ibmcloud.com/vulnerabilities/216933>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2021-44533](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44533>) \n** DESCRIPTION: **Node.js could allow a remote attacker to bypass security restrictions, caused by the incorrect handling of multi-value Relative Distinguished Names. By crafting certificate subjects containing a single-value Relative Distinguished Name that would be interpreted as a multi-value Relative Distinguished Name, an attacker could exploit this vulnerability to bypass the certificate subject verification. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/216932](<https://exchange.xforce.ibmcloud.com/vulnerabilities/216932>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2021-44532](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44532>) \n** DESCRIPTION: **Node.js could allow a remote attacker to bypass security restrictions, caused by a string injection vulnerability when name constraints were used within a certificate chain. An attacker could exploit this vulnerability to bypass the name constraints. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/216931](<https://exchange.xforce.ibmcloud.com/vulnerabilities/216931>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2021-35550](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35550>) \n** DESCRIPTION: **An unspecified vulnerability in Java SE related to the JSSE component could allow an unauthenticated attacker to obtain sensitive information resulting in a high confidentiality impact using unknown attack vectors. \nCVSS Base score: 5.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211627](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211627>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2022-21365](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21365>) \n** DESCRIPTION: **An unspecified vulnerability in Java SE related to the ImageIO component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217659](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217659>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2022-21360](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21360>) \n** DESCRIPTION: **An unspecified vulnerability in Java SE related to the ImageIO component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217654](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217654>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2022-21349](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21349>) \n** DESCRIPTION: **An unspecified vulnerability in Java SE related to the 2D component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217643](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217643>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2022-21341](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21341>) \n** DESCRIPTION: **An unspecified vulnerability in Java SE related to the Serialization component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217636](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217636>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2022-21340](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21340>) \n** DESCRIPTION: **An unspecified vulnerability in Java SE related to the Libraries component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217635](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217635>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2022-21305](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21305>) \n** DESCRIPTION: **An unspecified vulnerability in Java SE related to the VM component could allow an unauthenticated attacker to cause no confidentiality impact, low integrity impact, and no availability impact. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217600](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217600>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2022-21294](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21294>) \n** DESCRIPTION: **An unspecified vulnerability in Java SE related to the Libraries component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217589](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217589>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2022-21293](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21293>) \n** DESCRIPTION: **An unspecified vulnerability in Java SE related to the Libraries component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217588](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217588>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2022-21291](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21291>) \n** DESCRIPTION: **An unspecified vulnerability in Java SE related to the VM component could allow an unauthenticated attacker to cause no confidentiality impact, low integrity impact, and no availability impact. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217586](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217586>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2022-21248](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21248>) \n** DESCRIPTION: **An unspecified vulnerability in Java SE related to the Serialization component could allow an unauthenticated attacker to cause no confidentiality impact, low integrity impact, and no availability impact. \nCVSS Base score: 3.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217543](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217543>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2021-39038](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39038>) \n** DESCRIPTION: **IBM WebSphere Application Server 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.2 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 213968. \nCVSS Base score: 4.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/213968](<https://exchange.xforce.ibmcloud.com/vulnerabilities/213968>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2021-35603](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35603>) \n** DESCRIPTION: **An unspecified vulnerability in Java SE related to the JSSE component could allow an unauthenticated attacker to obtain sensitive information resulting in a low confidentiality impact using unknown attack vectors. \nCVSS Base score: 3.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211676](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211676>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2015-9251](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-9251>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/138029](<https://exchange.xforce.ibmcloud.com/vulnerabilities/138029>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2016-10707](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10707>) \n** DESCRIPTION: **jQuery is vulnerable to a denial of service, caused by removing a logic that lowercased attribute names. By using a mixed-cased name for boolean attributes, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/138030](<https://exchange.xforce.ibmcloud.com/vulnerabilities/138030>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2019-11358](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11358>) \n** DESCRIPTION: **jQuery, as used in Drupal core, is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability to execute script in a victim's Web browser within the security context of the hosting Web site. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/159633](<https://exchange.xforce.ibmcloud.com/vulnerabilities/159633>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-11023](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11023>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the option elements. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181350](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181350>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-11022](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11022>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the jQuery.htmlPrefilter method. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181349](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181349>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2021-21290](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21290>) \n** DESCRIPTION: **Netty could allow a local authenticated attacker to obtain sensitive information, caused by an insecure temp file in Unix-like systems. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/197110](<https://exchange.xforce.ibmcloud.com/vulnerabilities/197110>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2021-21295](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21295>) \n** DESCRIPTION: **Netty is vulnerable to HTTP request smuggling, caused by improper validation of Content-Length header by the Http2MultiplexHandler. By sending specially crafted HTTP request headers, an attacker could exploit this vulnerability to poison a web-cache, perform an XSS attack, or obtain sensitive information from request. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/197999](<https://exchange.xforce.ibmcloud.com/vulnerabilities/197999>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2021-21409](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21409>) \n** DESCRIPTION: **Netty is vulnerable to request smuggling, caused by improper validation of request, caused by missing validation of content-length. By sending specially-crafted request, an attacker could exploit this vulnerability to poison a web-cache, perform an XSS attack, or obtain sensitive information from request. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/199150](<https://exchange.xforce.ibmcloud.com/vulnerabilities/199150>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2021-29425](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29425>) \n** DESCRIPTION: **Apache Commons IO could allow a remote attacker to traverse directories on the system, caused by improper input validation by the FileNameUtils.normalize method. An attacker could send a specially-crafted URL request containing \"dot dot\" sequences (/../) to view arbitrary files on the system. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/199852](<https://exchange.xforce.ibmcloud.com/vulnerabilities/199852>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2021-32640](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32640>) \n** DESCRIPTION: **WebSockets ws library for Node.js is vulnerable to a denial of service, caused by a regular expression denial of service (ReDOS) flaw in the in Sec-Websocket-Protocol header. By sending a specially-crafted regex input, a remote attacker could exploit this vulnerability to cause a slow down on the ws server, and results in a denial of service condition. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/202549](<https://exchange.xforce.ibmcloud.com/vulnerabilities/202549>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-37136](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37136>) \n** DESCRIPTION: **Netty netty-codec is vulnerable to a denial of service, caused by not allow size restrictions for decompressed data in the Bzip2Decoder. By sending a specially-crafted input, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211777](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211777>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-37137](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37137>) \n** DESCRIPTION: **Netty netty-codec is vulnerable to a denial of service, caused by not restrict the chunk length in the SnappyFrameDecoder. By sending a specially-crafted input, a remote attacker could exploit this vulnerability to cause excessive memory usage, and results in a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211779](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211779>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-3765](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3765>) \n** DESCRIPTION: **validator.js is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw when calling the rtrim function. By sending a specially-crafted regex input, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/212669](<https://exchange.xforce.ibmcloud.com/vulnerabilities/212669>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-3807](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3807>) \n** DESCRIPTION: **Chalk ansi-regex module for Node.js is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw. By sending a specially-crafted regex input, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/209596](<https://exchange.xforce.ibmcloud.com/vulnerabilities/209596>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-3918](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3918>) \n** DESCRIPTION: **Json-schema could allow a remote attacker to execute arbitrary code on the system, caused by an improperly controlled modification of object prototype attributes. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/213750](<https://exchange.xforce.ibmcloud.com/vulnerabilities/213750>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2022-0235](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0235>) \n** DESCRIPTION: **Node.js node-fetch could allow a remote authenticated attacker to obtain sensitive information, caused by a flaw when fetching a remote url with Cookie. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217758](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217758>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Cloud Transformation Advisor| 2.0.1 - 3.0.0 \n \n\n\n## Remediation/Fixes\n\nUpgrade to 3.1.0 or later. \n\nIBM Cloud Transformation Advisor can be installed from OperatorHub page in Red Hat OpenShift Container Platform or locally following this [link](<https://www.ibm.com/cloud/architecture/tutorials/install-ibm-transformation-advisor-local> \"link\" ).\n\n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\n26 Apr 2022: Initial Publication\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU053\",\"label\":\"Cloud \\u0026 Data Platform\"},\"Product\":{\"code\":\"SS5Q6W\",\"label\":\"IBM Cloud Transformation Advisor\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF016\",\"label\":\"Linux\"}],\"Version\":\"3.1\",\"Edition\":\"\"}]", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-05-05T15:38:09", "type": "ibm", "title": "Security Bulletin: IBM Cloud Transformation Advisor is vulnerable to multiple vulnerabilities", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-9251", "CVE-2016-10707", "CVE-2018-25031", "CVE-2019-11358", "CVE-2020-11022", "CVE-2020-11023", "CVE-2021-21290", "CVE-2021-21295", "CVE-2021-21409", "CVE-2021-29425", "CVE-2021-32640", "CVE-2021-35550", "CVE-2021-35603", "CVE-2021-37136", "CVE-2021-37137", "CVE-2021-3765", "CVE-2021-3807", "CVE-2021-39038", "CVE-2021-3918", "CVE-2021-44531", "CVE-2021-44532", "CVE-2021-44533", "CVE-2021-46708", "CVE-2022-0235", "CVE-2022-21248", "CVE-2022-21291", "CVE-2022-21293", "CVE-2022-21294", "CVE-2022-21305", "CVE-2022-21340", "CVE-2022-21341", "CVE-2022-21349", "CVE-2022-21360", "CVE-2022-21365", "CVE-2022-21824", "CVE-2022-22310"], "modified": "2022-05-05T15:38:09", "id": "DFB4A89370117A0C76AEBA610891449C199F7498B60521F9612F1A48A7736A6B", "href": "https://www.ibm.com/support/pages/node/6582695", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2022-06-28T21:58:02", "description": "## Summary\n\nThe IBM Planning Analytics Workspace component of IBM Planning Analytics is affected by security vulnerabilities. These have been addressed in IBM Planning Analytics 2.0 - IBM Planning Analytics Workspace 2.0.72.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-21366](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21366>) \n** DESCRIPTION: **Node.js xmldom module could allow a remote attacker to bypass security restrictions, caused by improper preserve of system identifiers, FPIs or namespaces during XML processing. By repeatedly parsing and serializing specially-crafted documents, an attacker could exploit this vulnerability to cause unexpected syntactic changes in some downstream applications. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/198139](<https://exchange.xforce.ibmcloud.com/vulnerabilities/198139>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2021-32796](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32796>) \n** DESCRIPTION: **Xmldom could provide weaker than expected security, caused by the failure to escape special characters when serializing elements removed from their ancestor. An attacker could exploit this vulnerability to launch further attacks on the system. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/206492](<https://exchange.xforce.ibmcloud.com/vulnerabilities/206492>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2021-37137](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37137>) \n** DESCRIPTION: **Netty netty-codec is vulnerable to a denial of service, caused by not restrict the chunk length in the SnappyFrameDecoder. By sending a specially-crafted input, a remote attacker could exploit this vulnerability to cause excessive memory usage, and results in a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211779](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211779>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-7598](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7598>) \n** DESCRIPTION: **minimist could provide weaker than expected security, caused by a prototype pollution flaw. By sending a specially crafted request, a remote attacker could exploit this vulnerability to add or modify properties of Object.prototype. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/177780](<https://exchange.xforce.ibmcloud.com/vulnerabilities/177780>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2021-3749](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3749>) \n** DESCRIPTION: **axios is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw in the trim function. By sending a specially-crafted regex input, a remote attacker could exploit this vulnerability to cause an application to consume an excessive amount of CPU. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/208438](<https://exchange.xforce.ibmcloud.com/vulnerabilities/208438>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-9488](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9488>) \n** DESCRIPTION: **Apache Log4j is vulnerable to a man-in-the-middle attack, caused by improper certificate validation with host mismatch in the SMTP appender. An attacker could exploit this vulnerability to launch a man-in-the-middle attack and gain access to the communication channel between endpoints to obtain sensitive information or further compromise the system. \nCVSS Base score: 3.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/180824](<https://exchange.xforce.ibmcloud.com/vulnerabilities/180824>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2021-3803](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3803>) \n** DESCRIPTION: **nth-check is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw. By sending a specially-crafted regex input, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/209593](<https://exchange.xforce.ibmcloud.com/vulnerabilities/209593>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2018-10237](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10237>) \n** DESCRIPTION: **Google Guava is vulnerable to a denial of service, caused by improper eager allocation checks in the AtomicDoubleArray and CompoundOrdering class. By sending a specially-crafted data, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/142508](<https://exchange.xforce.ibmcloud.com/vulnerabilities/142508>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-8908](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8908>) \n** DESCRIPTION: **Guava could allow a remote authenticated attacker to bypass security restrictions, caused by a temp directory creation vulnerability in com.google.common.io.Files.createTempDir(). By sending a specially-crafted request, an attacker could exploit this vulnerability to bypass access restrictions. \nCVSS Base score: 5.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/192996](<https://exchange.xforce.ibmcloud.com/vulnerabilities/192996>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2016-4434](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4434>) \n** DESCRIPTION: **Apache Tika could allow a remote authenticated attacker to obtain sensitive information, caused by a XML external entity (XXE) error when processing XML data by the XML parser. A remote attacker could exploit this vulnerability to read arbitrary files on the system or cause a denial of service. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/113511](<https://exchange.xforce.ibmcloud.com/vulnerabilities/113511>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2016-6809](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6809>) \n** DESCRIPTION: **Apache Tika could allow a remote attacker to execute arbitrary code on the system, caused by an error when using native deserialization on serialized Java objects embedded in MATLAB files. An attacker could exploit this vulnerability to inject and execute arbitrary code into a MATLAB file when the object is deserialized. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/118756](<https://exchange.xforce.ibmcloud.com/vulnerabilities/118756>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2018-1335](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1335>) \n** DESCRIPTION: **Apache Tika could allow a remote attacker to execute arbitrary commands on the system, caused by an error in the tika-server module. By sending specially crafted headers, an attacker could exploit this vulnerability to inject and execute arbitrary commands on the system. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/142372](<https://exchange.xforce.ibmcloud.com/vulnerabilities/142372>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2018-1338](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1338>) \n** DESCRIPTION: **Apache Tika is vulnerable to a denial of service, caused by an error in BPGParser. By persuading a victim to open a specially crafted file, an attacker could exploit this vulnerability to cause the application to enter into an infinite loop. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/142370](<https://exchange.xforce.ibmcloud.com/vulnerabilities/142370>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2018-1339](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1339>) \n** DESCRIPTION: **Apache Tika is vulnerable to a denial of service, caused by an error in ChmParser. By persuading a victim to open a specially crafted file, an attacker could exploit this vulnerability to cause the application to enter into an infinite loop. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/142371](<https://exchange.xforce.ibmcloud.com/vulnerabilities/142371>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2018-11761](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11761>) \n** DESCRIPTION: **Apache Tika is vulnerable to a denial of service, caused by the failure to configure XML parsers to limit entity expansion. A remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/150101](<https://exchange.xforce.ibmcloud.com/vulnerabilities/150101>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2018-11762](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11762>) \n** DESCRIPTION: **Apache Tika could allow a remote attacker to overwrite arbitrary files on the system, caused by the failure to specify an extract directory on the commandline and the input file has an embedded file. An attacker could exploit this vulnerability to overwrite a file. \nCVSS Base score: 3.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/150100](<https://exchange.xforce.ibmcloud.com/vulnerabilities/150100>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2018-11796](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11796>) \n** DESCRIPTION: **Apache Tika is vulnerable to a denial of service, caused by a flaw during XML parsing. A remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/151083](<https://exchange.xforce.ibmcloud.com/vulnerabilities/151083>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2018-8017](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8017>) \n** DESCRIPTION: **Apache Tika is vulnerable to a denial of service, caused by an error in the IptcAnpaParser. By persuading a victim to open a specially crafted file, a remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/150099](<https://exchange.xforce.ibmcloud.com/vulnerabilities/150099>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2019-10093](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10093>) \n** DESCRIPTION: **Apache Tika is vulnerable to a denial of service, caused by a flaw in the SAXParsers. By persuading a victim to open a specially-crafted 2003ml or 2006ml file, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/164710](<https://exchange.xforce.ibmcloud.com/vulnerabilities/164710>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2019-10088](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10088>) \n** DESCRIPTION: **Apache Tika is vulnerable to a denial of service, caused by a flaw in the RecursiveParserWrapper function. By persuading a victim to open a specially-crafted zip file, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/164709](<https://exchange.xforce.ibmcloud.com/vulnerabilities/164709>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2019-10094](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10094>) \n** DESCRIPTION: **Apache Tika is vulnerable to a stack-based buffer overflow, caused by a flaw in the RecursiveParserWrapper function. By persuading a victim to unzip a specially-crafted file, a remote attacker could overflow a buffer and execute arbitrary code on the system. \nCVSS Base score: 7.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/164711](<https://exchange.xforce.ibmcloud.com/vulnerabilities/164711>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-1950](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1950>) \n** DESCRIPTION: **Apache Tika is vulnerable to a denial of service, caused by an excessive memory usage flaw in the PSDParser. By persuading a victim to open a specially-crafted PSD file, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178088](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178088>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2020-1951](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1951>) \n** DESCRIPTION: **Apache Tika is vulnerable to a denial of service, caused by an error in the PSDParser. By persuading a victim to open a specially-crafted PSD file, a remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178089](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178089>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-28657](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28657>) \n** DESCRIPTION: **Apache Tika is vulnerable to a denial of service, caused by an infinite loop flaw in the MP3 parser. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/199112](<https://exchange.xforce.ibmcloud.com/vulnerabilities/199112>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-37136](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37136>) \n** DESCRIPTION: **Netty netty-codec is vulnerable to a denial of service, caused by not allow size restrictions for decompressed data in the Bzip2Decoder. By sending a specially-crafted input, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211777](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211777>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-28500](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28500>) \n** DESCRIPTION: **Node.js lodash module is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) in the toNumber, trim and trimEnd functions. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/196972](<https://exchange.xforce.ibmcloud.com/vulnerabilities/196972>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-23337](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23337>) \n** DESCRIPTION: **Node.js lodash module could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by a command injection flaw in the template. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system. \nCVSS Base score: 7.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/196797](<https://exchange.xforce.ibmcloud.com/vulnerabilities/196797>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-8203](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8203>) \n** DESCRIPTION: **Node.js lodash module is vulnerable to a denial of service, caused by a prototype pollution attack. A remote attacker could exploit this vulnerability using the merge, mergeWith, and defaultsDeep functions to inject properties onto Object.prototype to crash the server and possibly execute arbitrary code on the system. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/183560](<https://exchange.xforce.ibmcloud.com/vulnerabilities/183560>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2019-10744](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10744>) \n** DESCRIPTION: **Node.js lodash module is vulnerable to a denial of service, caused by a prototype pollution flaw. By sending a specially-crafted request using a constructor payload, a remote attacker could exploit this vulnerability to inject properties onto Object.prototype to cause a denial of service condition. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/167415](<https://exchange.xforce.ibmcloud.com/vulnerabilities/167415>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L) \n \n** CVEID: **[CVE-2018-16487](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16487>) \n** DESCRIPTION: **Node.js lodash module is vulnerable to a denial of service, caused by a prototype pollution flaw. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to inject properties onto Object.prototype to cause a denial of service condition. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/156530](<https://exchange.xforce.ibmcloud.com/vulnerabilities/156530>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L) \n \n** CVEID: **[CVE-2018-3721](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3721>) \n** DESCRIPTION: **Node.js lodash module could allow a remote attacker to bypass security restrictions, caused by a flaw in the defaultsDeep, 'merge, and mergeWith functions. By modifing the prototype of Object, an attacker could exploit this vulnerability to add or modify existing property that will exist on all objects. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/144603](<https://exchange.xforce.ibmcloud.com/vulnerabilities/144603>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2019-1010266](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1010266>) \n** DESCRIPTION: **Lodash is vulnerable to a denial of service, caused by uncontrolled resource consumption in Date handler. By sending an overly long string, a local attacker could exploit this vulnerability to cause the application to stop responding. \nCVSS Base score: 4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/168402](<https://exchange.xforce.ibmcloud.com/vulnerabilities/168402>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** Third Party Entry: **159366 \n** DESCRIPTION: **Node.js marked module is vulnerable to a denial of service, caused by improper regular expression validation by the Email addresses. By using specially-crafted input, a remote attacker could exploit this vulnerability to cause the node process to crash. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/159366 ](<https://exchange.xforce.ibmcloud.com/vulnerabilities/159366>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** Third Party Entry: **177835 \n** DESCRIPTION: **Apache Commons Codec could allow a remote attacker to obtain sensitive information, caused by the improper validation of input. An attacker could exploit this vulnerability using a method call to obtain sensitive information. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/177835 ](<https://exchange.xforce.ibmcloud.com/vulnerabilities/177835>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) \n \n** Third Party Entry: **207316 \n** DESCRIPTION: **Node.js marked module is vulnerable to a denial of service, caused by the inclusion of multiple unused capture groups in the em regex within src/rules.js file. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a Regular Expression Denial of Service (ReDoS). \nCVSS Base score: 5.9 \nCVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/207316 ](<https://exchange.xforce.ibmcloud.com/vulnerabilities/207316>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** Third Party Entry: **213969 \n** DESCRIPTION: **Node.js ioredis module could allow a remote attacker to execute arbitrary code on the system, caused by a prototype pollution flaw. By adding or modifying properties of Object.prototype using a __proto__ or constructor payload, an attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service condition on the system. \nCVSS Base score: 4.2 \nCVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/213969 ](<https://exchange.xforce.ibmcloud.com/vulnerabilities/213969>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L)\n\n## Affected Products and Versions\n\nIBM Planning Analytics Workspace 2.0\n\n## Remediation/Fixes\n\nIt is strongly recommended that you apply the most recent security update:\n\n[Download IBM Planning Analytics Local v2.0 - Planning Analytics Workspace Release 72 from Fix Central ](<https://www.ibm.com/support/pages/node/6528420> \"\" )\n\n \nPlease note that this update also addresses the following Apache Log4j v2.x vulnerabilities: CVE-2021-44228, CVE-2021-45046 & CVE-2021-45105 . See References.\n\n \nRemediation for IBM Planning Analytics - Planning Analytics Workspace on Cloud has completed.\n\n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n[Security Bulletin: IBM Planning Analytics 2.0: Apache Log4j Vulnerabilities (CVE-2021-45046 & CVE-2021-45105)](<https://www.ibm.com/support/pages/node/6528790> \"Security Bulletin: IBM Planning Analytics 2.0: Apache Log4j Vulnerabilities \\(CVE-2021-45046 & CVE-2021-45105\\)\" )\n\n[Security Bulletin: IBM Planning Analytics 2.0: Apache log4j Vulnerability (CVE-2021-44228)](<https://www.ibm.com/support/pages/node/6525700> \"Security Bulletin: IBM Planning Analytics 2.0: Apache log4j Vulnerability \\(CVE-2021-44228\\)\" )\n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Acknowledgement\n\n## Change History\n\n11 Jan 2022: Initial Publication\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Product\":{\"code\":\"SSCTEW\",\"label\":\"IBM Planning Analytics Local\"},\"Component\":\"Planning Analytics Workspace\",\"Platform\":[{\"code\":\"PF025\",\"label\":\"Platform Independent\"}],\"Version\":\"2.0\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB10\",\"label\":\"Data and AI\"}}]", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2022-01-11T21:02:17", "type": "ibm", "title": "Security Bulletin: IBM Planning Analytics Workspace is affected by security vulnerabilities", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4434", "CVE-2016-6809", "CVE-2018-10237", "CVE-2018-11761", "CVE-2018-11762", "CVE-2018-11796", "CVE-2018-1335", "CVE-2018-1338", "CVE-2018-1339", "CVE-2018-16487", "CVE-2018-3721", "CVE-2018-8017", "CVE-2019-10088", "CVE-2019-10093", "CVE-2019-10094", "CVE-2019-1010266", "CVE-2019-10744", "CVE-2020-1950", "CVE-2020-1951", "CVE-2020-28500", "CVE-2020-7598", "CVE-2020-8203", "CVE-2020-8908", "CVE-2020-9488", "CVE-2021-21366", "CVE-2021-23337", "CVE-2021-28657", "CVE-2021-32796", "CVE-2021-37136", "CVE-2021-37137", "CVE-2021-3749", "CVE-2021-3803", "CVE-2021-44228", "CVE-2021-45046", "CVE-2021-45105"], "modified": "2022-01-11T21:02:17", "id": "E775C68CA18D51E91E688F1880BD5AF1955B5F4DF7397FA28CC721E37DAFB99A", "href": "https://www.ibm.com/support/pages/node/6524700", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-08-04T12:47:34", "description": "## Summary\n\nIBM Spectrum Protect Plus Container backup and restore for Kubernetes and OpenShift may be affected by vulnerabilities in Redis, OpenSSH, Golang Go, and Apache Kafka such as bypass of security restrictions, denial of service, execution of arbitrary code, elevation of privileges, buffer overflow, and information disclosure.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-32687](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32687>) \n** DESCRIPTION: **Redis could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an integer overflow with intsets. By sending a specially-crafted request using the intsets, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/210728](<https://exchange.xforce.ibmcloud.com/vulnerabilities/210728>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-15778](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15778>) \n** DESCRIPTION: **OpenSSH could allow a remote attacker to execute arbitrary commands on the system, caused by improper input validation in the remote function in scp.c. By opening a specially crafted file containing backtick characters in the destination argument, an attacker could exploit this vulnerability to execute arbitrary commands on the system. \nCVSS Base score: 7.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/185805](<https://exchange.xforce.ibmcloud.com/vulnerabilities/185805>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-33194](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33194>) \n** DESCRIPTION: **Golang Go is vulnerable to a denial of service, caused by an infinite loop in golang.org/x/net/html. By sending a specially-crafted ParseFragment input, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/202644](<https://exchange.xforce.ibmcloud.com/vulnerabilities/202644>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-41617](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41617>) \n** DESCRIPTION: **OpenSSH could allow a local attacker to gain elevated privileges on the system, caused by an error in sshd when certain non-default configurations are used. By executing an AuthorizedKeysCommand or AuthorizedPrincipalsCommand, where a AuthorizedKeysCommandUser or AuthorizedPrincipalsCommandUser directive has been set to run the command as a non-root user, an attacker could exploit this vulnerability to gain privileges associated with group memberships of the sshd process. \nCVSS Base score: 7.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/210062](<https://exchange.xforce.ibmcloud.com/vulnerabilities/210062>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-32626](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32626>) \n** DESCRIPTION: **Redis is vulnerable to a heap-based buffer overflow, caused by improper bounds checking. By executing specially-crafted Lua scripts, a remote authenticated attacker could overflow a buffer and execute arbitrary code on the system. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/210723](<https://exchange.xforce.ibmcloud.com/vulnerabilities/210723>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-32675](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32675>) \n** DESCRIPTION: **Redis is vulnerable to a denial of service, caused by improper input validation. By sending specially-crafted Redis Standard Protocol (RESP) requests, a remote attacker could exploit this vulnerability to allocate significant amount of memory. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/210727](<https://exchange.xforce.ibmcloud.com/vulnerabilities/210727>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-41099](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41099>) \n** DESCRIPTION: **Redis is vulnerable to an heap-based buffer overflow, caused by improper bounds checking in the underlying string library. By sending a specially-crafted request, a remote authenticated attacker could overflow a buffer and execute arbitrary code on the system or cause a denial of service. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/210649](<https://exchange.xforce.ibmcloud.com/vulnerabilities/210649>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-38153](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38153>) \n** DESCRIPTION: **Apache Kafka could allow a remote attacker to obtain sensitive information, caused by a timing attack flaw due to the use of \"Arrays.equals\" to validate a password or key. By utilizing brute-force attack techniques, an attacker could exploit this vulnerability to obtain credentials information, and use this information to launch further attacks against the affected system. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/209762](<https://exchange.xforce.ibmcloud.com/vulnerabilities/209762>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2021-32627](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32627>) \n** DESCRIPTION: **Redis could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an integer overflow with Streams. By sending a specially-crafted request using the proto-max-bulk-len and client-query-buffer-limit configuration parameters, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/210724](<https://exchange.xforce.ibmcloud.com/vulnerabilities/210724>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-29923](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29923>) \n** DESCRIPTION: **Golang Go could allow a remote attacker to bypass security restrictions, caused by improper consideration for extraneous zero characters at the beginning of an IP address octet. By sending a specially-crafted request, an attacker could exploit this vulnerability to bypass access control based on IP addresses. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/207025](<https://exchange.xforce.ibmcloud.com/vulnerabilities/207025>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N) \n \n** CVEID: **[CVE-2021-28041](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28041>) \n** DESCRIPTION: **OpenSSH ssh-agent could allow a remote authenticated attacker to bypass security restrictions, caused by a double free flaw. By sending a specially-crafted request, an attacker could exploit this vulnerability to gain unconstrained agent-socket access on a legacy operating system, or the forwarding of an agent to arbitrary hosts. \nCVSS Base score: 7.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/197813](<https://exchange.xforce.ibmcloud.com/vulnerabilities/197813>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-33196](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33196>) \n** DESCRIPTION: **Golang Go is vulnerable to a denial of service, caused by a flaw in the NewReader and OpenReader functions in archive/zip. By persuading a victim to open a specially-crafted archive file, a remote attacker could exploit this vulnerability to cause a panic or an unrecoverable fatal error, and results in a denial of service condition. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/206602](<https://exchange.xforce.ibmcloud.com/vulnerabilities/206602>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-33198](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33198>) \n** DESCRIPTION: **Golang Go is vulnerable to a denial of service, caused by a flaw in the SetString and UnmarshalText methods of math/big.Rat. By sending a specially-crafted input, a remote attacker could exploit this vulnerability to cause a panic or an unrecoverable fatal error, and results in a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/206604](<https://exchange.xforce.ibmcloud.com/vulnerabilities/206604>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-34558](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34558>) \n** DESCRIPTION: **Golang Go is vulnerable to a denial of service, caused by the failure to properly assert that the type of public key in an X.509 certificate matches the expected type in the crypto/tls package. By persuading a victim to connect to a specially-crafted TLS server, a remote attacker could exploit this vulnerability to cause a TLS client to panic. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/205578](<https://exchange.xforce.ibmcloud.com/vulnerabilities/205578>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-32628](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32628>) \n** DESCRIPTION: **Redis could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an integer overflow in the handling of large ziplists. By sending a specially-crafted request using the ziplist configuration parameters, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/210725](<https://exchange.xforce.ibmcloud.com/vulnerabilities/210725>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-33197](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33197>) \n** DESCRIPTION: **Golang Go could allow a remote attacker to bypass security restrictions, caused by a flaw in the ReverseProxy in net/http/httputil. By sending a specially-crafted request, an attacker could exploit this vulnerability to drop arbitrary headers, including those set by the ReverseProxy.Director. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/206603](<https://exchange.xforce.ibmcloud.com/vulnerabilities/206603>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N) \n \n** CVEID: **[CVE-2021-36221](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36221>) \n** DESCRIPTION: **Golang Go is vulnerable to a denial of service, caused by a race condition upon an ErrAbortHandler abort. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a net/http/httputil ReverseProxy panic. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/207036](<https://exchange.xforce.ibmcloud.com/vulnerabilities/207036>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-33195](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33195>) \n** DESCRIPTION: **Golang Go could allow a remote attacker to execute arbitrary code on the system, caused by not following RFC 1035 rules in the LookupCNAME, LookupSRV, LookupMX, LookupNS, and LookupAddr functions in net. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/206601](<https://exchange.xforce.ibmcloud.com/vulnerabilities/206601>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n## Affected Products and Versions\n\n**Affected Product(s)**| **Version(s)** \n---|--- \nIBM Spectrum Protect Plus Container Backup and Restore for Kubernetes| 10.1.5-10.1.8.x \nIBM Spectrum Protect Plus Container Backup and Restore for OpenShift| 10.1.7-10.1.8.x \n \n## Remediation/Fixes\n\n**IBM Spectrum Protect** \n**Plus Release**| **First Fixing** \n**VRM Level**| **Platform**| **Link to Fix** \n---|---|---|--- \n10.1| 10.1.9| Linux| <https://www.ibm.com/support/pages/node/6487159> \n \n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Acknowledgement\n\n## Change History\n\n10 December 2021: Initial Publication\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU058\",\"label\":\"IBM Infrastructure w\\/TPS\"},\"Product\":{\"code\":\"SSNQFQ\",\"label\":\"IBM Spectrum Protect Plus\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF016\",\"label\":\"Linux\"}],\"Version\":\"10.1.5, 10.1.6, 10.1.7, 10.1.8\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB26\",\"label\":\"Storage\"}}]", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-12-10T21:55:48", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in Redis, OpenSSH, Golang Go, and Apache Kafka may affect IBM Spectrum Protect Plus Container Backup and Restore for Kubernetes and OpenShift", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-15778", "CVE-2021-28041", "CVE-2021-29923", "CVE-2021-32626", "CVE-2021-32627", "CVE-2021-32628", "CVE-2021-32675", "CVE-2021-32687", "CVE-2021-33194", "CVE-2021-33195", "CVE-2021-33196", "CVE-2021-33197", "CVE-2021-33198", "CVE-2021-34558", "CVE-2021-36221", "CVE-2021-38153", "CVE-2021-41099", "CVE-2021-41617"], "modified": "2021-12-10T21:55:48", "id": "ED1E746B4A444761DF86B7BD074E2911879CE51C4CFBB278424F2A23E63071FA", "href": "https://www.ibm.com/support/pages/node/6524682", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-06-28T22:01:12", "description": "## Summary\n\nSecurity vulnerabilities have been addressed in IBM Cognos Analytics 11.1.7 FP5. These vulnerabilities have also been previously addressed in IBM Cognos Analytics 11.2.2. The following 3rd party components are used by IBM Cognos Analytics: Apache Axis is a Java based Web Services engine for JSON, SOAP, and WSDL (CVE-2012-5785, CVE-2012-4418, CVE-2010-1632). Dom4J is a Java-based XML parsing framework (CVE-2020-10683). Apache Commons Compress is a Java API to support various types of compression and decompression (CVE-2021-35517, CVE-2021-36090). Jupyter Notebook is an interactive computing platform across all programming languages (CVE-2021-32797, CVE-2021-32798). Netty is a Java-based non-blocking I/O networking framework (CVE-2021-37136, CVE-2021-37136). JQuery is a JavaScript library for HTML DOM tree traversal and manipulation (CVE-2021-41184, CVE-2021-41183, CVE-2021-41182). SnakeYAML is a Java-based YAML parsing and serialization library (CVE-2017-18640). Apache Hadoop is a Java based distributed computing platform supporting large data sets (CVE-2020-9492, CVE-2016-6811, CVE-2017-15713, CVE-2017-15718, CVE-2017-3166, CVE-2018-1296, CVE-2018-8029, CVE-2018-11766). CKEditor is a WYSIWYG rich text editor which can be directly inside web pages or application (CVE-2021-41164, CVE-2021-41165). Apache Jena is a Java API to read and write RDF graphs (CVE-2021-39239). Netplex json-smart is a Java-based high performance JSON-processor (CVE-2021-27568). Faster XML Jackson-Databind is a JSON to Java object conversion API (CVE-2021-20190, CVE-2020-9548, CVE-2020-9547, CVE-2020-9546, CVE-2020-8840, CVE-2020-36189, CVE-2020-36188, CVE-2020-36187, CVE-2020-36186, CVE-2020-36185, CVE-2020-36184, CVE-2020-36183, CVE-2020-36182, CVE-2020-36181, CVE-2020-36180, CVE-2020-36179, CVE-2020-35728, CVE-2020-35491, CVE-2020-35490, CVE-2020-25649, CVE-2020-24750, CVE-2020-24616, CVE-2020-14195, CVE-2020-14062, CVE-2020-14061, CVE-2020-14060, CVE-2020-11620, CVE-2020-11619, CVE-2020-11113, CVE-2020-11112, CVE-2020-11111, CVE-2020-10969, CVE-2020-10968, CVE-2020-10673, CVE-2020-10672, CVE-2019-16942, CVE-2019-16943, CVE-2019-17531). IBM Cognos Analytics is vulnerable to further attacks such remote code execution (RCE) and cross-site scripting (XSS) by not validating upload file types or user supplied data (CVE-2021-38945, CVE-2021-39047). IBM Cognos Analytics could allow a low level user to obtain sensitive information from the details of the Cloud Storage page for which they should not have access (CVE-2021-29768).\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-27568](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27568>) \n** DESCRIPTION: **Netplex json-smart-v1 and json-smart-v2 are vulnerable to a denial of service, caused by an uncaught exception flaw in NumberFormatException. By sending a specially-crafted input, a remote attacker could exploit this vulnerability to cause the library to crash or obtain sensitive information. \nCVSS Base score: 9.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/197316](<https://exchange.xforce.ibmcloud.com/vulnerabilities/197316>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H) \n \n** CVEID: **[CVE-2021-35517](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35517>) \n** DESCRIPTION: **Apache Commons Compress is vulnerable to a denial of service, caused by an out of memory error when allocating large amounts of memory. By persuading a victim to open a specially-crafted TAR archive, a remote attacker could exploit this vulnerability to cause a denial of service condition against services that use Compress' tar package. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/205307](<https://exchange.xforce.ibmcloud.com/vulnerabilities/205307>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-36090](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36090>) \n** DESCRIPTION: **Apache Commons Compress is vulnerable to a denial of service, caused by an out-of-memory error when large amounts of memory are allocated. By reading a specially-crafted ZIP archive, a remote attacker could exploit this vulnerability to cause a denial of service condition against services that use Compress' zip package. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/205310](<https://exchange.xforce.ibmcloud.com/vulnerabilities/205310>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-32798](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32798>) \n** DESCRIPTION: **Jupyter notebook is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/207157](<https://exchange.xforce.ibmcloud.com/vulnerabilities/207157>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2012-5785](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5785>) \n** DESCRIPTION: **Apache Axis2/Java, as used in multiple products, could allow a remote attacker to conduct spoofing attacks, caused by the failure to verify that the server hostname matches a domain name in the subject's Common Name (CN) field of the X.509 certificate. An attacker could exploit this vulnerability using man-in-the-middle techniques to spoof an SSL server and launch further attacks against a vulnerable target. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/79830](<https://exchange.xforce.ibmcloud.com/vulnerabilities/79830>) for the current score. \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N) \n \n** CVEID: **[CVE-2012-4418](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4418>) \n** DESCRIPTION: **Apache Axis2 could allow a remote attacker to bypass security restrictions, caused by the improper verification of signed XML messages. An attacker could exploit this vulnerability using XML signature wrapping to construct specially-crafted messages and launch further attacks on the system. \nCVSS Base score: 6.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/78454](<https://exchange.xforce.ibmcloud.com/vulnerabilities/78454>) for the current score. \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:P/A:P) \n \n** CVEID: **[CVE-2010-1632](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1632>) \n** DESCRIPTION: **Apache Axis2/Java is vulnerable to a denial of service, caused by an error when handling XML DTD (Document Type Declaration) data. A remote attacker could exploit this vulnerability to obtain sensitive information or cause a denial of service. \nCVSS Base score: 5.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/59588](<https://exchange.xforce.ibmcloud.com/vulnerabilities/59588>) for the current score. \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:P) \n \n** CVEID: **[CVE-2021-32797](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32797>) \n** DESCRIPTION: **JupyterLab could allow a remote attacker to execute arbitrary code on the system, caused by the lack of sanitization of the action attribute of an HTML form. By persuading a victim to open a specially-crafted notebook, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 7.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/207158](<https://exchange.xforce.ibmcloud.com/vulnerabilities/207158>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2021-39047](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39047>) \n** DESCRIPTION: **Some IBM products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/214349](<https://exchange.xforce.ibmcloud.com/vulnerabilities/214349>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-9492](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9492>) \n** DESCRIPTION: **Apache Hadoop could allow a remote authenticated attacker to gain elevated privileges on the system, caused by improper validation of SPNEGO authorization header. By sending a specially-crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges to trigger services to send server credentials to a webhdfs path for capturing the service principal. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/195656](<https://exchange.xforce.ibmcloud.com/vulnerabilities/195656>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2016-6811](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6811>) \n** DESCRIPTION: **Apache Hadoop could allow a local attacker to gain elevated privileges on the system. By escalating to yarn user, an attacker could exploit this vulnerability to execute arbitrary commands on the system with root privileges. \nCVSS Base score: 8.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/142610](<https://exchange.xforce.ibmcloud.com/vulnerabilities/142610>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2017-15713](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15713>) \n** DESCRIPTION: **Apache Hadoop could allow a remote authenticated attacker to obtain sensitive information. By using a specially-crafted file, a remote attacker could exploit this vulnerability to expose private files. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/138064](<https://exchange.xforce.ibmcloud.com/vulnerabilities/138064>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2017-15718](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15718>) \n** DESCRIPTION: **Apache Hadoop could allow a remote attacker to obtain sensitive information, caused by a flaw in the YARN NodeManager. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to obtain user credentials. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/138211](<https://exchange.xforce.ibmcloud.com/vulnerabilities/138211>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2017-3166](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3166>) \n** DESCRIPTION: **Apache Hadoop could allow a remote authenticated attacker to gain elevated privileges on the system, caused by a flaw in the YARN's localization mechanism. By changing access permission to world readable in an encryption zone, an attacker could exploit this vulnerability to gain access to files protected by HDFS transparent encryption. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/134627](<https://exchange.xforce.ibmcloud.com/vulnerabilities/134627>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2018-1296](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1296>) \n** DESCRIPTION: **Apache Hadoop could allow a remote attacker to obtain sensitive information, caused by the exposure of extended attribute key/value pairs during listXAttrs authorization by HDFS. The path-level search access to the directory is verified instead of path-level read permission to the referent. An attacker could exploit this vulnerability to obtain HDFS encryption secrets and other sensitive information. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/156090](<https://exchange.xforce.ibmcloud.com/vulnerabilities/156090>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2018-8029](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8029>) \n** DESCRIPTION: **Apache Hadoop could allow a remote authenticated attacker to gain elevated privileges on the system. An attacker could exploit this vulnerability to run arbitrary commands as root user. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/161812](<https://exchange.xforce.ibmcloud.com/vulnerabilities/161812>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2018-11766](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11766>) \n** DESCRIPTION: **Apache Hadoop could allow a local attacker to gain elevated privileges on the system. By escalating to yarn user, an attacker could exploit this vulnerability to execute arbitrary commands on the system with root privileges. \nCVSS Base score: 8.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/153346](<https://exchange.xforce.ibmcloud.com/vulnerabilities/153346>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-29768](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29768>) \n** DESCRIPTION: **IBM Cognos Analytics could allow a low level user to obtain sensitive information from the details of the 'Cloud Storage' page for which they should not have access. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/202682](<https://exchange.xforce.ibmcloud.com/vulnerabilities/202682>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2021-37136](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37136>) \n** DESCRIPTION: **Netty netty-codec is vulnerable to a denial of service, caused by not allow size restrictions for decompressed data in the Bzip2Decoder. By sending a specially-crafted input, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211777](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211777>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-37137](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37137>) \n** DESCRIPTION: **Netty netty-codec is vulnerable to a denial of service, caused by not restrict the chunk length in the SnappyFrameDecoder. By sending a specially-crafted input, a remote attacker could exploit this vulnerability to cause excessive memory usage, and results in a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211779](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211779>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-41184](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41184>) \n** DESCRIPTION: **jQuery jQuery-UI is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the .position() function. A remote attacker could exploit this vulnerability using the of parameter to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 7.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/212277](<https://exchange.xforce.ibmcloud.com/vulnerabilities/212277>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2021-41183](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41183>) \n** DESCRIPTION: **jQuery jQuery-UI is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the Datepicker widget. A remote attacker could exploit this vulnerability using the Text parameter to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 7.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/212276](<https://exchange.xforce.ibmcloud.com/vulnerabilities/212276>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2021-41182](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41182>) \n** DESCRIPTION: **jQuery jQuery-UI is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the Datepicker widget. A remote attacker could exploit this vulnerability using the altField parameter to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 7.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/212274](<https://exchange.xforce.ibmcloud.com/vulnerabilities/212274>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2021-39239](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39239>) \n** DESCRIPTION: **Apache Jena could allow a remote attacker to obtain sensitive information, caused by improper handling of XML external entity (XXE) declarations. By using a specially-crafted XML content, a remote attacker could exploit this vulnerability to read arbitrary files on the server. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/209530](<https://exchange.xforce.ibmcloud.com/vulnerabilities/209530>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2021-38945](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38945>) \n** DESCRIPTION: **IBM Cognos Analytics could allow a remote attacker to upload arbitrary files, caused by improper content validation. \nCVSS Base score: 6.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211238](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211238>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N) \n \n** CVEID: **[CVE-2017-18640](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18640>) \n** DESCRIPTION: **SnakeYAML is vulnerable to a denial of service, caused by an entity expansion in Alias feature during a load operation. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/174331](<https://exchange.xforce.ibmcloud.com/vulnerabilities/174331>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2020-10683](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10683>) \n** DESCRIPTION: **dom4j could allow a remote authenticated attacker to obtain sensitive information, caused by an XML external entity (XXE) error when processing XML data. By sending specially crafted XML data, a remote attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181356](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181356>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2021-20190](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20190>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization between gadgets and typing, related to a class(es) of JDK Swing. By sending a specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/195243](<https://exchange.xforce.ibmcloud.com/vulnerabilities/195243>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-9548](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9548>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by the mishandling of interaction between serialization gadgets and typing in br.com.anteros.dbcp.AnterosDBCPConfig (aka anteros-core). By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/177104](<https://exchange.xforce.ibmcloud.com/vulnerabilities/177104>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-9547](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9547>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by the mishandling of interaction between serialization gadgets and typing in com.ibatis.sqlmap.engine.transaction.jta.JtaTransactionConfig (aka ibatis-sqlmap). By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/177103](<https://exchange.xforce.ibmcloud.com/vulnerabilities/177103>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-9546](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9546>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by the mishandling of interaction between serialization gadgets and typing in org.apache.hadoop.shaded.com.zaxxer.hikari.HikariConfig (aka shaded hikari-config). By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/177102](<https://exchange.xforce.ibmcloud.com/vulnerabilities/177102>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-8840](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8840>) \n** DESCRIPTION: **An unspecified error with the lack of certain xbean-reflect/JNDI blocking in FasterXML jackson-databind has an unknown impact and attack vector. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/176241](<https://exchange.xforce.ibmcloud.com/vulnerabilities/176241>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2020-36189](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36189>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization between gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource. By sending a specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/194384](<https://exchange.xforce.ibmcloud.com/vulnerabilities/194384>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-36188](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36188>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization between gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource. By sending a specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/194383](<https://exchange.xforce.ibmcloud.com/vulnerabilities/194383>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-36187](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36187>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization between gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource. By sending a specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/194382](<https://exchange.xforce.ibmcloud.com/vulnerabilities/194382>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-36186](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36186>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization between gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource. By sending a specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/194381](<https://exchange.xforce.ibmcloud.com/vulnerabilities/194381>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-36185](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36185>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization between gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource. By sending a specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/194380](<https://exchange.xforce.ibmcloud.com/vulnerabilities/194380>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-36184](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36184>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization between gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource. By sending a specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/194379](<https://exchange.xforce.ibmcloud.com/vulnerabilities/194379>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-36183](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36183>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization between gadgets and typing, related to org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool. By sending a specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/194378](<https://exchange.xforce.ibmcloud.com/vulnerabilities/194378>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-36182](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36182>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization between gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS. By sending a specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/194377](<https://exchange.xforce.ibmcloud.com/vulnerabilities/194377>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-36181](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36181>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization between gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS. By sending a specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/194376](<https://exchange.xforce.ibmcloud.com/vulnerabilities/194376>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-36180](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36180>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization between gadgets and typing, related to org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS. By sending a specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/194375](<https://exchange.xforce.ibmcloud.com/vulnerabilities/194375>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-36179](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36179>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization between gadgets and typing, related to oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS. By sending a specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/194374](<https://exchange.xforce.ibmcloud.com/vulnerabilities/194374>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-35728](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35728>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization between gadgets and typing, related to com.oracle.wls.shaded.org.apache.xalan.lib.sql.JNDIConnectionPool. By sending a specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/193843](<https://exchange.xforce.ibmcloud.com/vulnerabilities/193843>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-35491](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35491>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization between gadgets and typing, related to org.apache.commons.dbcp2.datasources.SharedPoolDataSource. By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/193394](<https://exchange.xforce.ibmcloud.com/vulnerabilities/193394>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-35490](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35490>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization between gadgets and typing, related to org.apache.commons.dbcp2.datasources.PerUserPoolDataSource. By sending a specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/193391](<https://exchange.xforce.ibmcloud.com/vulnerabilities/193391>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-25649](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25649>) \n** DESCRIPTION: **FasterXML Jackson Databind could provide weaker than expected security, caused by not having entity expansion secured properly. A remote attacker could exploit this vulnerability to launch XML external entity (XXE) attacks to have impact over data integrity. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/192648](<https://exchange.xforce.ibmcloud.com/vulnerabilities/192648>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N) \n \n** CVEID: **[CVE-2020-24750](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24750>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization between gadgets and typing, related to com.pastdev.httpcomponents.configuration.JndiConfiguration. By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/188470](<https://exchange.xforce.ibmcloud.com/vulnerabilities/188470>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-24616](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24616>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization between gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPDataSource (aka Anteros-DBCP). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/187229](<https://exchange.xforce.ibmcloud.com/vulnerabilities/187229>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-14195](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14195>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in rg.jsecurity.realm.jndi.JndiRealmFactory (aka org.jsecurity). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/183495](<https://exchange.xforce.ibmcloud.com/vulnerabilities/183495>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-14062](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14062>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in com.sun.org.apache.xalan.internal.lib.sql.JNDIConnectionPool (aka xalan2). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/183425](<https://exchange.xforce.ibmcloud.com/vulnerabilities/183425>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-14061](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14061>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in oracle.jms.AQjmsQueueConnectionFactory, oracle.jms.AQjmsXATopicConnectionFactory, oracle.jms.AQjmsTopicConnectionFactory, oracle.jms.AQjmsXAQueueConnectionFactory, and oracle.jms.AQjmsXAConnectionFactory (aka weblogic/oracle-aqjms). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/183424](<https://exchange.xforce.ibmcloud.com/vulnerabilities/183424>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-14060](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14060>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in oadd.org.apache.xalan.lib.sql.JNDIConnectionPool (aka apache/drill). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/183422](<https://exchange.xforce.ibmcloud.com/vulnerabilities/183422>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-11620](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11620>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.apache.commons.jelly.impl.Embedded (aka commons-jelly). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/179431](<https://exchange.xforce.ibmcloud.com/vulnerabilities/179431>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-11619](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11619>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.springframework.aop.config.MethodLocatingFactoryBean (aka spring-aop). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/179430](<https://exchange.xforce.ibmcloud.com/vulnerabilities/179430>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-11113](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11113>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.apache.openjpa.ee.WASRegistryManagedRuntime (aka openjpa). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178903](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178903>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-11112](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11112>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.apache.commons.proxy.provider.remoting.RmiProvider (aka apache/commons-proxy). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178902](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178902>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-11111](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11111>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.apache.activemq.* (aka activemq-jms, activemq-core, activemq-pool, and activemq-pool-jms). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178901](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178901>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-10969](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10969>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in javax.swing.JEditorPane. By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178546](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178546>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-10968](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10968>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.aoju.bus.proxy.provider.remoting.RmiProvider (aka bus-proxy). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178544](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178544>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-10673](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10673>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in com.caucho.config.types.ResourceRef (aka caucho-quercus). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178107](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178107>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-10672](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10672>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.apache.aries.transaction.jms.internal.XaPooledConnectionFactory (aka aries.transaction.jms). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178104](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178104>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2019-16942](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16942>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by a polymorphic typing issue in the commons-dbcp class. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/168254](<https://exchange.xforce.ibmcloud.com/vulnerabilities/168254>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2019-16943](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16943>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by a polymorphic typing issue in the p6spy class. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/168255](<https://exchange.xforce.ibmcloud.com/vulnerabilities/168255>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2019-17531](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17531>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by a polymorphic typing issue when Default Typing is enabled. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/169073](<https://exchange.xforce.ibmcloud.com/vulnerabilities/169073>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-41165](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41165>) \n** DESCRIPTION: **CKEditor4 is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability using the core HTML processing module to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 8.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/213846](<https://exchange.xforce.ibmcloud.com/vulnerabilities/213846>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:L) \n \n** CVEID: **[CVE-2021-41164](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41164>) \n** DESCRIPTION: **CKEditor4 is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability using the Advanced Content Filter (ACF) module to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 8.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/213847](<https://exchange.xforce.ibmcloud.com/vulnerabilities/213847>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:L)\n\n## Affected Products and Versions\n\n[IBM](<https://www.ibm.com/support/pages/node/6587162> \"IBM\" ) Cognos Analytics 11.2.x\n\nIBM Cognos Analytics 11.1.x\n\n## Remediation/Fixes\n\n**Affected Version**| **Fix Version** \n---|--- \nIBM Cognos Analytics 11.2.x| \n\n[Downloading IBM Cognos Analytics 11.2.2](<https://www.ibm.com/support/pages/node/6564061> \"Downloading IBM Cognos Analytics 11.2.2\" ) \n \nIBM Cognos Analytics 11.1.x| \n\n[IBM Cognos Analytics 11.1.7 Fix Pack 5](<https://www.ibm.com/support/pages/node/6587162> \"IBM Cognos Analytics 11.1.7 Fix Pack 5\" ) \n \n**IBM Cognos Analytics on Cloud**\n\nThese vulnerabilities have been remediated on all IBM Cognos Analytics on Cloud environments and no further action is required.\n\n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Acknowledgement\n\n## Change History\n\n22 June 2022: Initial Publication\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Product\":{\"code\":\"SSTSF6\",\"label\":\"Cognos Analytics\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF025\",\"label\":\"Platform Independent\"}],\"Version\":\"11.2.1, 11.2.0, 11.1.7\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB10\",\"label\":\"Data and AI\"}}]", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-06-22T15:20:17", "type": "ibm", "title": "Security Bulletin: IBM Cognos Analytics has addressed multiple vulnerabilities", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-1632", "CVE-2012-4418", "CVE-2012-5785", "CVE-2016-6811", "CVE-2017-15713", "CVE-2017-15718", "CVE-2017-18640", "CVE-2017-3166", "CVE-2018-11766", "CVE-2018-1296", "CVE-2018-8029", "CVE-2019-16942", "CVE-2019-16943", "CVE-2019-17531", "CVE-2020-10672", "CVE-2020-10673", "CVE-2020-10683", "CVE-2020-10968", "CVE-2020-10969", "CVE-2020-11111", "CVE-2020-11112", "CVE-2020-11113", "CVE-2020-11619", "CVE-2020-11620", "CVE-2020-14060", "CVE-2020-14061", "CVE-2020-14062", "CVE-2020-14195", "CVE-2020-24616", "CVE-2020-24750", "CVE-2020-25649", "CVE-2020-35490", "CVE-2020-35491", "CVE-2020-35728", "CVE-2020-36179", "CVE-2020-36180", "CVE-2020-36181", "CVE-2020-36182", "CVE-2020-36183", "CVE-2020-36184", "CVE-2020-36185", "CVE-2020-36186", "CVE-2020-36187", "CVE-2020-36188", "CVE-2020-36189", "CVE-2020-8840", "CVE-2020-9492", "CVE-2020-9546", "CVE-2020-9547", "CVE-2020-9548", "CVE-2021-20190", "CVE-2021-27568", "CVE-2021-29768", "CVE-2021-32797", "CVE-2021-32798", "CVE-2021-35517", "CVE-2021-36090", "CVE-2021-37136", "CVE-2021-37137", "CVE-2021-38945", "CVE-2021-39047", "CVE-2021-39239", "CVE-2021-41164", "CVE-2021-41165", "CVE-2021-41182", "CVE-2021-41183", "CVE-2021-41184"], "modified": "2022-06-22T15:20:17", "id": "B5B6C4769983441433B811EF3AAED6CFC993849D42BC924ECF1CCA5E34838148", "href": "https://www.ibm.com/support/pages/node/6597241", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2022-06-28T22:01:51", "description": "## Summary\n\nSecurity vulnerabilities have been addressed in IBM Cognos Analytics 11.2.2. These vulnerabilities have also been previously addressed in IBM Cognos Analytics 11.1.7 FP4 where applicable.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-29824](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29824>) \n** DESCRIPTION: **IBM Cognos Analytics is vulnerable to priviledge escalation where a lower level user could have read access to to the 'Data Connections' page to which they don't have access. \nCVSS Base score: 3.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/204468](<https://exchange.xforce.ibmcloud.com/vulnerabilities/204468>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2021-23337](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23337>) \n** DESCRIPTION: **Node.js lodash module could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by a command injection flaw in the template. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system. \nCVSS Base score: 7.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/196797](<https://exchange.xforce.ibmcloud.com/vulnerabilities/196797>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-23840](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23840>) \n** DESCRIPTION: **OpenSSL is vulnerable to a denial of service, caused by an integer overflow in CipherUpdate. By sending an overly long argument, an attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/196848](<https://exchange.xforce.ibmcloud.com/vulnerabilities/196848>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-22884](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22884>) \n** DESCRIPTION: **Node.js is vulnerable to a denial of service, caused by an error when the whitelist includes \"localhost6\". By controlling the victim's DNS server or spoofing its responses, an attacker could exploit this vulnerability to bypass the DNS rebinding protection mechanism using the \"localhost6\" domain and cause a denial of service. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/197191](<https://exchange.xforce.ibmcloud.com/vulnerabilities/197191>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H) \n \n** CVEID: **[CVE-2021-22883](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22883>) \n** DESCRIPTION: **Node.js is vulnerable to a denial of service, caused by a file descriptor leak. By making multiple attempts to connect with an 'unknownProtocol', an attacker could exploit this vulnerability to lead to an excessive memory usage and cause the system to run out of memory. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/197190](<https://exchange.xforce.ibmcloud.com/vulnerabilities/197190>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-38886](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38886>) \n** DESCRIPTION: **IBM Cognos Analytics is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/209399](<https://exchange.xforce.ibmcloud.com/vulnerabilities/209399>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2018-1000632](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000632>) \n** DESCRIPTION: **dom4j could allow a remote attacker to execute arbitrary code on the system, caused by improper input validation in multiple methods. By sending a specially-crafted XML content, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/148750](<https://exchange.xforce.ibmcloud.com/vulnerabilities/148750>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2020-8203](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8203>) \n** DESCRIPTION: **Node.js lodash module is vulnerable to a denial of service, caused by a prototype pollution attack. A remote attacker could exploit this vulnerability using the merge, mergeWith, and defaultsDeep functions to inject properties onto Object.prototype to crash the server and possibly execute arbitrary code on the system. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/183560](<https://exchange.xforce.ibmcloud.com/vulnerabilities/183560>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-22939](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22939>) \n** DESCRIPTION: **Node.js could allow a remote attacker to bypass security restrictions. If the https API was used incorrectly and \"undefined\" was in passed for the \"rejectUnauthorized\" parameter, an attacker could exploit this vulnerability to connect to servers using an expired certificate. \nCVSS Base score: 3.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/207233](<https://exchange.xforce.ibmcloud.com/vulnerabilities/207233>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2021-22931](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22931>) \n** DESCRIPTION: **Node.js could provide weaker than expected security, caused by missing input validation on hostnames returned by DNS servers. An attacker could exploit this vulnerability to cause output of wrong hostnames leading to Domain Hijacking and and injection vulnerabilities in applications using the library. \nCVSS Base score: 5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/207230](<https://exchange.xforce.ibmcloud.com/vulnerabilities/207230>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2020-28500](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28500>) \n** DESCRIPTION: **Node.js lodash module is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) in the toNumber, trim and trimEnd functions. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/196972](<https://exchange.xforce.ibmcloud.com/vulnerabilities/196972>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-23343](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23343>) \n** DESCRIPTION: **path-parse is vulnerable to a denial of service. By sending a specially-crafted request via splitDeviceRe, splitTailRe, and splitPathRe regular expressions, a remote attacker could exploit this vulnerability to cause a regular expression denial of service (ReDoS). \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/201206](<https://exchange.xforce.ibmcloud.com/vulnerabilities/201206>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-32808](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32808>) \n** DESCRIPTION: **CKEditor is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the clipboard Widget plugin if used alongside the undo feature. A remote attacker could exploit this vulnerability using malformed widget HTML, which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 7.6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/207430](<https://exchange.xforce.ibmcloud.com/vulnerabilities/207430>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N) \n \n** CVEID: **[CVE-2021-22940](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22940>) \n** DESCRIPTION: **Node.js could allow a remote attacker to bypass security restrictions, caused by an incomplete fix for CVE-2021-22930 related to a use-after-free on close http2 on stream canceling. An attacker could exploit this vulnerability to corrupt memory to change process behavior. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/207520](<https://exchange.xforce.ibmcloud.com/vulnerabilities/207520>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N) \n \n** CVEID: **[CVE-2021-38946](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38946>) \n** DESCRIPTION: **IBM Cognos Analytics is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. \nCVSS Base score: 5.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211240](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211240>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2021-22930](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22930>) \n** DESCRIPTION: **Node.js could allow a remote attacker to bypass security restrictions, caused by a use-after-free on close http2 on stream canceling. An attacker could exploit this vulnerability to corrupt memory to change process behavior. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/206473](<https://exchange.xforce.ibmcloud.com/vulnerabilities/206473>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N) \n \n** CVEID: **[CVE-2021-33829](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33829>) \n** DESCRIPTION: **CKEditor is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 7.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/203802](<https://exchange.xforce.ibmcloud.com/vulnerabilities/203802>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2021-22921](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22921>) \n** DESCRIPTION: **Node.js could allow a local attacker to gain elevated privileges on the system, caused by improper configuration of permissions in the installation directory. Under certain conditions. An attacker could exploit this vulnerability to perform PATH and DLL hijacking attacks. \nCVSS Base score: 7.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/204785](<https://exchange.xforce.ibmcloud.com/vulnerabilities/204785>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-22918](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22918>) \n** DESCRIPTION: **Node.js is vulnerable to a denial of service, caused by an out-of-bounds read in the libuv's uv__idna_toascii() function. By invoking the function using dns module's lookup() function, a remote attacker could exploit this vulnerability to obtain sensitive information or cause a denial of service. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/204784](<https://exchange.xforce.ibmcloud.com/vulnerabilities/204784>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L) \n \n** CVEID: **[CVE-2019-10744](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10744>) \n** DESCRIPTION: **Node.js lodash module is vulnerable to a denial of service, caused by a prototype pollution flaw. By sending a specially-crafted request using a constructor payload, a remote attacker could exploit this vulnerability to inject properties onto Object.prototype to cause a denial of service condition. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/167415](<https://exchange.xforce.ibmcloud.com/vulnerabilities/167415>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L) \n \n** CVEID: **[CVE-2021-36373](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36373>) \n** DESCRIPTION: **Apache Ant is vulnerable to a denial of service, caused by an out-of-memory error when large amounts of memory are allocated. By persuading a victim to open a specially-crafted TAR archive, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/205311](<https://exchange.xforce.ibmcloud.com/vulnerabilities/205311>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-36179](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36179>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization between gadgets and typing, related to oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS. By sending a specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/194374](<https://exchange.xforce.ibmcloud.com/vulnerabilities/194374>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-36180](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36180>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization between gadgets and typing, related to org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS. By sending a specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/194375](<https://exchange.xforce.ibmcloud.com/vulnerabilities/194375>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-36181](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36181>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization between gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS. By sending a specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/194376](<https://exchange.xforce.ibmcloud.com/vulnerabilities/194376>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-36182](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36182>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization between gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS. By sending a specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/194377](<https://exchange.xforce.ibmcloud.com/vulnerabilities/194377>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-36183](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36183>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization between gadgets and typing, related to org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool. By sending a specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/194378](<https://exchange.xforce.ibmcloud.com/vulnerabilities/194378>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-36184](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36184>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization between gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource. By sending a specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/194379](<https://exchange.xforce.ibmcloud.com/vulnerabilities/194379>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-36185](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36185>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization between gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource. By sending a specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/194380](<https://exchange.xforce.ibmcloud.com/vulnerabilities/194380>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-36186](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36186>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization between gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource. By sending a specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/194381](<https://exchange.xforce.ibmcloud.com/vulnerabilities/194381>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-36187](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36187>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization between gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource. By sending a specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/194382](<https://exchange.xforce.ibmcloud.com/vulnerabilities/194382>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-2369](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2369>) \n** DESCRIPTION: **An unspecified vulnerability in Java SE related to the Library component could allow an unauthenticated attacker to cause no confidentiality impact, low integrity impact, and no availability impact. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/205796](<https://exchange.xforce.ibmcloud.com/vulnerabilities/205796>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2019-8331](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8331>) \n** DESCRIPTION: **Bootstrap is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the tooltip or popover data-template. A remote attacker could exploit this vulnerability to execute script in a victim's Web browser within the security context of the hosting Web site. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/157409](<https://exchange.xforce.ibmcloud.com/vulnerabilities/157409>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2018-14041](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14041>) \n** DESCRIPTION: **Bootstrap is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the data-target property of scrollspy. A remote attacker could exploit this vulnerability to execute script in a victim's Web browser within the security context of the hosting Web site. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/146467](<https://exchange.xforce.ibmcloud.com/vulnerabilities/146467>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2018-14042](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14042>) \n** DESCRIPTION: **Bootstrap is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the data-container property of tooltip. A remote attacker could exploit this vulnerability to execute script in a victim's Web browser within the security context of the hosting Web site. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/146466](<https://exchange.xforce.ibmcloud.com/vulnerabilities/146466>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2018-14040](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14040>) \n** DESCRIPTION: **Bootstrap is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the collapse data-parent attribute. A remote attacker could exploit this vulnerability to execute script in a victim's Web browser within the security context of the hosting Web site. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/146468](<https://exchange.xforce.ibmcloud.com/vulnerabilities/146468>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2021-22959](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22959>) \n** DESCRIPTION: **Node.js is vulnerable to HTTP request smuggling, caused by an error related to a space in headers. A remote attacker could send a specially-crafted request with a space (SP) right after the header name before the colon to lead to HTTP Request Smuggling (HRS). An attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211168](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211168>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2021-36374](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36374>) \n** DESCRIPTION: **Apache Ant is vulnerable to a denial of service, caused by an out-of-memory error when large amounts of memory are allocated. By persuading a victim to open a specially-crafted ZIP archive, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/205314](<https://exchange.xforce.ibmcloud.com/vulnerabilities/205314>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-37714](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37714>) \n** DESCRIPTION: **jsoup is vulnerable to a denial of service, caused by improper input validation. By sending a specially-crafted input, a remote attacker could exploit this vulnerability to cause the HTML and XML parser to get stuck, timeout, or throw unchecked exceptions resulting in a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/207858](<https://exchange.xforce.ibmcloud.com/vulnerabilities/207858>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-21290](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21290>) \n** DESCRIPTION: **Netty could allow a local authenticated attacker to obtain sensitive information, caused by an insecure temp file in Unix-like systems. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/197110](<https://exchange.xforce.ibmcloud.com/vulnerabilities/197110>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2021-38904](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38904>) \n** DESCRIPTION: **IBM Cognos Analytics could allow a remote attacker to obtain credentials from a user's browser via incorrect autocomplete settings. \nCVSS Base score: 4.6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/209693](<https://exchange.xforce.ibmcloud.com/vulnerabilities/209693>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2021-20464](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20464>) \n** DESCRIPTION: **IBM Cognos Analytics PowerPlay could be vulnerable to an XML Bomb attack by a malicious authenticated user. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/196813](<https://exchange.xforce.ibmcloud.com/vulnerabilities/196813>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-22960](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22960>) \n** DESCRIPTION: **Node.js is vulnerable to HTTP request smuggling, caused by an error when parsing the body of chunked requests. A remote attacker could send a specially-crafted request to lead to HTTP Request Smuggling (HRS). An attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211171](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211171>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2021-38903](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38903>) \n** DESCRIPTION: **IBM Cognos Anlytics is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 5.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/209691](<https://exchange.xforce.ibmcloud.com/vulnerabilities/209691>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2021-32809](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32809>) \n** DESCRIPTION: **CKEditor is vulnerable to HTML injection. A remote authenticated attacker could inject malicious HTML code into the editor, which when viewed, would abuse the paste functionality and executed in the victim's Web browser within the security context of the hosting site. \nCVSS Base score: 4.6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/207429](<https://exchange.xforce.ibmcloud.com/vulnerabilities/207429>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2021-38905](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38905>) \n** DESCRIPTION: **iBM Cognos Analytics could allow an authenticated user to view report pages that they should not have access to. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/209697](<https://exchange.xforce.ibmcloud.com/vulnerabilities/209697>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)\n\n## Affected Products and Versions\n\nIBM Cognos Analytics 11.2.x\n\nIBM Cognos Analytics 11.1.x\n\n## Remediation/Fixes\n\n**For IBM Cognos Analytics 11.2.x: \n**\n\n[Downloading IBM Cognos Analytics 11.2.2](<https://www.ibm.com/support/pages/node/6564061> \"Downloading IBM Cognos Analytics 11.2.2\" )\n\n**For IBM Cognos Analytics 11.1.x: \n**\n\n[IBM Cognos Analytics 11.1.7 IF9](<https://www.ibm.com/support/pages/node/6525664> \"IBM Cognos Analytics 11.1.7 IF9\" )\n\n**IBM Cognos Analytics on Cloud**\n\nThese vulnerabilities have been remediated on all IBM Cognos Analytics on Cloud environments and no further action is required.\n\n**Notes:**\n\nCVE-2021-23840 is specific to OpenSSL used within NodeJS.\n\nAlthough IBM Cognos Analytics is not vulnerable to the listed CVEs, all instances of Apache Log4j v1.x were proactively upgraded to Apache Log4j v2.17.1 for the IBM Cognos Analytics 11.1 and 11.2 streams. (CVE-2021-4104, CVE-2022-23302, CVE-2022-23305 and CVE-2022-23307)\n\n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n[IBM Java SDK Security Bulletin (July 2021)](<https://www.ibm.com/support/pages/node/6482173> \"\" )\n\n[IBM Java SDK Security Bulletin (October 2020)](<https://www.ibm.com/support/pages/node/6370057> \"\" )\n\n## Acknowledgement\n\n## Change History\n\n25 April 2022: Modified Remediation/Fixes section. Removed note about Cognos Power Play. Link is already in IBM Cognos Analytics 11.2.2 Download Document. \n21 April 2022: Initial Publication\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Product\":{\"code\":\"SSTSF6\",\"label\":\"Cognos Analytics\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF025\",\"label\":\"Platform Independent\"}],\"Version\":\"11.2.1, 11.2.0, 11.1.7\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB10\",\"label\":\"Data and AI\"}}]", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-04-25T16:43:12", "type": "ibm", "title": "Security Bulletin: IBM Cognos Analytics has addressed multiple vulnerabilities", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1000632", "CVE-2018-14040", "CVE-2018-14041", "CVE-2018-14042", "CVE-2019-10744", "CVE-2019-8331", "CVE-2020-28500", "CVE-2020-36179", "CVE-2020-36180", "CVE-2020-36181", "CVE-2020-36182", "CVE-2020-36183", "CVE-2020-36184", "CVE-2020-36185", "CVE-2020-36186", "CVE-2020-36187", "CVE-2020-8203", "CVE-2021-20464", "CVE-2021-21290", "CVE-2021-22883", "CVE-2021-22884", "CVE-2021-22918", "CVE-2021-22921", "CVE-2021-22930", "CVE-2021-22931", "CVE-2021-22939", "CVE-2021-22940", "CVE-2021-22959", "CVE-2021-22960", "CVE-2021-23337", "CVE-2021-23343", "CVE-2021-2369", "CVE-2021-23840", "CVE-2021-29824", "CVE-2021-32808", "CVE-2021-32809", "CVE-2021-33829", "CVE-2021-36373", "CVE-2021-36374", "CVE-2021-37714", "CVE-2021-38886", "CVE-2021-38903", "CVE-2021-38904", "CVE-2021-38905", "CVE-2021-38946", "CVE-2021-4104", "CVE-2022-23302", "CVE-2022-23305", "CVE-2022-23307"], "modified": "2022-04-25T16:43:12", "id": "FE6D95CEEFE9596CD6D6134F8326AB13E3C97D550B3E62F57DECDBDBC51C329A", "href": "https://www.ibm.com/support/pages/node/6570957", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2022-08-04T12:42:01", "description": "## Summary\n\nIBM Data Risk Manager (IDRM) is affected but not classified as vulnerable to a remote code execution in Spring Framework (CVE-2022-22965) as it does not meet all of the following criteria: 1. JDK 9 or higher, 2. Apache Tomcat as the Servlet container, 3. Packaged as WAR (in contrast to a Spring Boot executable jar), 4. Spring-webmvc or spring-webflux dependency, 5. Spring Framework versions 5.3.0 to 5.3.17, 5.2.0 to 5.2.19, and older versions. This fix includes Spring Boot 2.6.6 and Spring Framework 5.3.18, and addresses multiple vulnerabilities with an updated version of IDRM 2.0.6.13. Please see the remediation steps below to apply the fix. All customers are encouraged to act quickly to update their systems.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2022-22942](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22942>) \n** DESCRIPTION: **Linux Kernel could allow a local authenticated attacker to obtain sensitive information, caused by improper file descriptor handling in the vmwgfx driver. By sending a specially-crafted ioctl call, an attacker could exploit this vulnerability to gain access to files opened by other processes on the system, and use this information to launch further attacks against the affected system. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/218323](<https://exchange.xforce.ibmcloud.com/vulnerabilities/218323>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2021-4155](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4155>) \n** DESCRIPTION: **Linux Kernel could allow a local authenticated attacker to obtain sensitive information, caused by data leak flaw in the way how XFS_IOC_ALLOCSP IOCTL in the XFS filesystem is allowed for size increase of files with unaligned size. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain sensitive information on the XFS filesystem, and use this information to launch further attacks against the affected system. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/216919](<https://exchange.xforce.ibmcloud.com/vulnerabilities/216919>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2022-23181](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23181>) \n** DESCRIPTION: **Apache Tomcat could allow a local authenticated attacker to gain elevated privileges on the system, caused by a time of check, time of use flaw when configured to persist sessions using the FileStore. By sending a specially-crafted request, an authenticated attacker could exploit this vulnerability to perform actions with the privileges of Tomcat process. \nCVSS Base score: 7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/218221](<https://exchange.xforce.ibmcloud.com/vulnerabilities/218221>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-35550](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35550>) \n** DESCRIPTION: **An unspecified vulnerability in Java SE related to the JSSE component could allow an unauthenticated attacker to obtain sensitive information resulting in a high confidentiality impact using unknown attack vectors. \nCVSS Base score: 5.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211627](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211627>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2016-6796](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6796>) \n** DESCRIPTION: **Apache Tomcat could allow a local attacker to bypass security restrictions. By modifying configuration parameters for the JSP Servlet, an attacker could exploit this vulnerability to bypass a configured SecurityManager. \nCVSS Base score: 4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/118404](<https://exchange.xforce.ibmcloud.com/vulnerabilities/118404>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2021-3573](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3573>) \n** DESCRIPTION: **Linux Kernel is vulnerable to a denial of service, caused by a use-after-free flaw in the hci_sock_bound_ioctl function. By sending a specially-crafted request, a local attacker could exploit this vulnerability to cause the kernel to crash. \nCVSS Base score: 6.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/203249](<https://exchange.xforce.ibmcloud.com/vulnerabilities/203249>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-22096](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22096>) \n** DESCRIPTION: **VMware Spring Framework could allow a remote attacker to bypass security restrictions. By sending a specially-crafted input, an attacker could exploit this vulnerability to cause the insertion of additional log entries. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/212430](<https://exchange.xforce.ibmcloud.com/vulnerabilities/212430>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2016-1000027](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000027>) \n** DESCRIPTION: **Pivota Spring Framework could allow a remote authenticated attacker to execute arbitrary code on the system, caused by a code injection vulnerability. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 6.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/174367](<https://exchange.xforce.ibmcloud.com/vulnerabilities/174367>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2021-22118](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22118>) \n** DESCRIPTION: **VMware Tanzu Spring Framework could allow a local authenticated attacker to gain elevated privileges on the system, caused by a flaw in the WebFlux application. By sending a specially-crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges to read or modify files in the WebFlux application, or overwrite arbitrary files with multipart request data. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/202705](<https://exchange.xforce.ibmcloud.com/vulnerabilities/202705>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L) \n \n** CVEID: **[CVE-2020-5421](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5421>) \n** DESCRIPTION: **VMware Tanzu Spring Framework could allow a remote attacker to bypass security restrictions, caused by improper input validation. By using a specially-crafted jsessionid path parameter, an attacker could exploit this vulnerability to bypass RFD Protection. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/188530](<https://exchange.xforce.ibmcloud.com/vulnerabilities/188530>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2018-10237](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10237>) \n** DESCRIPTION: **Google Guava is vulnerable to a denial of service, caused by improper eager allocation checks in the AtomicDoubleArray and CompoundOrdering class. By sending a specially-crafted data, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/142508](<https://exchange.xforce.ibmcloud.com/vulnerabilities/142508>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-8908](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8908>) \n** DESCRIPTION: **Guava could allow a remote authenticated attacker to bypass security restrictions, caused by a temp directory creation vulnerability in com.google.common.io.Files.createTempDir(). By sending a specially-crafted request, an attacker could exploit this vulnerability to bypass access restrictions. \nCVSS Base score: 5.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/192996](<https://exchange.xforce.ibmcloud.com/vulnerabilities/192996>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2022-21365](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21365>) \n** DESCRIPTION: **An unspecified vulnerability in Java SE related to the ImageIO component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217659](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217659>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2022-21360](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21360>) \n** DESCRIPTION: **An unspecified vulnerability in Java SE related to the ImageIO component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217654](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217654>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2022-21349](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21349>) \n** DESCRIPTION: **An unspecified vulnerability in Java SE related to the 2D component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217643](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217643>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2022-21341](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21341>) \n** DESCRIPTION: **An unspecified vulnerability in Java SE related to the Serialization component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217636](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217636>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2022-21340](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21340>) \n** DESCRIPTION: **An unspecified vulnerability in Java SE related to the Libraries component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217635](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217635>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2022-21305](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21305>) \n** DESCRIPTION: **An unspecified vulnerability in Java SE related to the VM component could allow an unauthenticated attacker to cause no confidentiality impact, low integrity impact, and no availability impact. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217600](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217600>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2022-21294](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21294>) \n** DESCRIPTION: **An unspecified vulnerability in Java SE related to the Libraries component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217589](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217589>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2022-21293](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21293>) \n** DESCRIPTION: **An unspecified vulnerability in Java SE related to the Libraries component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217588](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217588>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2022-21291](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21291>) \n** DESCRIPTION: **An unspecified vulnerability in Java SE related to the VM component could allow an unauthenticated attacker to cause no confidentiality impact, low integrity impact, and no availability impact. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217586](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217586>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2022-21248](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21248>) \n** DESCRIPTION: **An unspecified vulnerability in Java SE related to the Serialization component could allow an unauthenticated attacker to cause no confidentiality impact, low integrity impact, and no availability impact. \nCVSS Base score: 3.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217543](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217543>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2021-36373](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36373>) \n** DESCRIPTION: **Apache Ant is vulnerable to a denial of service, caused by an out-of-memory error when large amounts of memory are allocated. By persuading a victim to open a specially-crafted TAR archive, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/205311](<https://exchange.xforce.ibmcloud.com/vulnerabilities/205311>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2012-2098](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2098>) \n** DESCRIPTION: **Apache Commons Compress and Apache Ant are vulnerable to a denial of service, caused by an error when using bzip2 compression to compress files. By passing specially-crafted input to the BZip2CompressorOutputStream class, a remote attacker could exploit this vulnerability to consume all available resources. \nCVSS Base score: 5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/75857](<https://exchange.xforce.ibmcloud.com/vulnerabilities/75857>) for the current score. \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P) \n \n** CVEID: **[CVE-2021-31811](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31811>) \n** DESCRIPTION: **Apache PDFBox is vulnerable to a denial of service, caused by an out-of-memory exception while loading a file. By persuading a victim to open a specially-crafted PDF file, a remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/203615](<https://exchange.xforce.ibmcloud.com/vulnerabilities/203615>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-31812](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31812>) \n** DESCRIPTION: **Apache PDFBox is vulnerable to a denial of service, caused by an error while loading a file. By persuading a victim to open a specially-crafted PDF file, a remote attacker could exploit this vulnerability to cause the system to enter into an infinite loop. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/203587](<https://exchange.xforce.ibmcloud.com/vulnerabilities/203587>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-27906](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27906>) \n** DESCRIPTION: **Apache PDFBox is vulnerable to a denial of service, caused by an OutOfMemory-Exception flaw. By persuading a victim to open a specially-crafted .PDF file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/198452](<https://exchange.xforce.ibmcloud.com/vulnerabilities/198452>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-27807](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27807>) \n** DESCRIPTION: **Apache PDFBox is vulnerable to a denial of service, caused by an infinite loop flaw. By persuading a victim to open a specially-crafted .PDF file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/198451](<https://exchange.xforce.ibmcloud.com/vulnerabilities/198451>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2022-22950](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22950>) \n** DESCRIPTION: **VMware Tanzu Spring Framework is vulnerable to a denial of service, caused by improper input validation. By sending a specially-crafted crafted SpEL expression, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 5.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/223096](<https://exchange.xforce.ibmcloud.com/vulnerabilities/223096>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L) \n \n** CVEID: **[CVE-2019-12415](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12415>) \n** DESCRIPTION: **Apache POI could allow a remote attacker to obtain sensitive information, caused by an XML external entity (XXE) error when processing XML data by tool XSSFExportToXml. By sending a specially-crafted document, a remote attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/170015](<https://exchange.xforce.ibmcloud.com/vulnerabilities/170015>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2018-14040](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14040>) \n** DESCRIPTION: **Bootstrap is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the collapse data-parent attribute. A remote attacker could exploit this vulnerability to execute script in a victim's Web browser within the security context of the hosting Web site. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/146468](<https://exchange.xforce.ibmcloud.com/vulnerabilities/146468>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2016-10735](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10735>) \n** DESCRIPTION: **Bootstrap is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the data-target attribute. A remote attacker could exploit this vulnerability to execute script in a victim's Web browser within the security context of the hosting Web site. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155339](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155339>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2019-8331](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8331>) \n** DESCRIPTION: **Bootstrap is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the tooltip or popover data-template. A remote attacker could exploit this vulnerability to execute script in a victim's Web browser within the security context of the hosting Web site. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/157409](<https://exchange.xforce.ibmcloud.com/vulnerabilities/157409>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2018-14042](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14042>) \n** DESCRIPTION: **Bootstrap is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the data-container property of tooltip. A remote attacker could exploit this vulnerability to execute script in a victim's Web browser within the security context of the hosting Web site. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/146466](<https://exchange.xforce.ibmcloud.com/vulnerabilities/146466>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2018-20676](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20676>) \n** DESCRIPTION: **Bootstrap is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the tooltip data-viewport attribute. A remote attacker could exploit this vulnerability to execute script in a victim's Web browser within the security context of the hosting Web site. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155338](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155338>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2018-20677](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20677>) \n** DESCRIPTION: **Bootstrap is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the affix configuration target property. A remote attacker could exploit this vulnerability to execute script in a victim's Web browser within the security context of the hosting Web site. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155337](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155337>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2019-10202](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10202>) \n** DESCRIPTION: **Red Hat JBoss Enterprise Application Platform (EAP) could allow a remote attacker to execute arbitrary code on the system, caused by improper deserialization in Codehaus. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/168251](<https://exchange.xforce.ibmcloud.com/vulnerabilities/168251>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-39145](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39145>) \n** DESCRIPTION: **XStream could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unsafe deserialization flaw. By manipulating the processed input stream, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/208113](<https://exchange.xforce.ibmcloud.com/vulnerabilities/208113>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-26217](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26217>) \n** DESCRIPTION: **XStream could allow a remote attacker to execute arbitrary code on the system, caused by flaws in the XStream.java and SecurityVulnerabilityTest.java scripts. By manipulating the processed input stream, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/192210](<https://exchange.xforce.ibmcloud.com/vulnerabilities/192210>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2021-39140](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39140>) \n** DESCRIPTION: **XStream is vulnerable to a denial of service, caused by an infinite loop flaw. By manipulating the processed input stream, a remote authenticated attacker could exploit this vulnerability to allocate 100% CPU time on the target system, and results in a denial of service condition. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/208110](<https://exchange.xforce.ibmcloud.com/vulnerabilities/208110>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-29505](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29505>) \n** DESCRIPTION: **XStream XStream could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by improper input validation. By manipulating the processed input stream, an attacker could exploit this vulnerability to execute arbitrary commands on the system. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/202795](<https://exchange.xforce.ibmcloud.com/vulnerabilities/202795>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-39144](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39144>) \n** DESCRIPTION: **XStream could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by an unsafe deserialization flaw. By manipulating the processed input stream, an attacker could exploit this vulnerability to execute arbitrary commands on the system. \nCVSS Base score: 8.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/208112](<https://exchange.xforce.ibmcloud.com/vulnerabilities/208112>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-39149](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39149>) \n** DESCRIPTION: **XStream could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unsafe deserialization flaw. By manipulating the processed input stream, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/208117](<https://exchange.xforce.ibmcloud.com/vulnerabilities/208117>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-21348](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21348>) \n** DESCRIPTION: **XStream is vulnerable to a denial of service, caused by a regular expression denial of service flaw (ReDos). By using a specially-crafted regular expression input, a remote attacker could exploit this vulnerability to consume maximum CPU time. \nCVSS Base score: 5.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/198625](<https://exchange.xforce.ibmcloud.com/vulnerabilities/198625>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-39151](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39151>) \n** DESCRIPTION: **XStream could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unsafe deserialization flaw. By manipulating the processed input stream, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/208119](<https://exchange.xforce.ibmcloud.com/vulnerabilities/208119>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-21344](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21344>) \n** DESCRIPTION: **XStream could allow a remote attacker to execute arbitrary code on the system, caused by a flaw when processing stream at unmarshalling time. By manipulating the processed input stream and replace or inject objects, an attacker could exploit this vulnerability to execute arbitrary code from a remote server. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/198621](<https://exchange.xforce.ibmcloud.com/vulnerabilities/198621>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-21342](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21342>) \n** DESCRIPTION: **XStream is vulnerable to server-side request forgery, caused by a flaw when processing stream at unmarshalling time. By manipulating the processed input stream and replace or inject objects, an attacker could exploit this vulnerability to conduct SSRF attack o access data streams from an arbitrary URL referencing a resource in an intranet or the local host. \nCVSS Base score: 7.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/198619](<https://exchange.xforce.ibmcloud.com/vulnerabilities/198619>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N) \n \n** CVEID: **[CVE-2021-21343](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21343>) \n** DESCRIPTION: **XStream could allow a remote attacker to bypass security restrictions, caused by a flaw when processing stream at unmarshalling time. By manipulating the processed input stream and replace or inject objects, an attacker could exploit this vulnerability to delete arbitrary files on the system. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/198620](<https://exchange.xforce.ibmcloud.com/vulnerabilities/198620>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N) \n \n** CVEID: **[CVE-2020-26258](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26258>) \n** DESCRIPTION: **XStream is vulnerable to server-side request forgery, caused by a flaw when unmarshalling. By manipulating the processed input stream, a remote attacker could exploit this vulnerability to obtain sensitive data. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/193525](<https://exchange.xforce.ibmcloud.com/vulnerabilities/193525>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2021-39153](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39153>) \n** DESCRIPTION: **XStream could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unsafe deserialization flaw. By manipulating the processed input stream, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/208121](<https://exchange.xforce.ibmcloud.com/vulnerabilities/208121>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-39141](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39141>) \n** DESCRIPTION: **XStream could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unsafe deserialization flaw. By manipulating the processed input stream, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/208111](<https://exchange.xforce.ibmcloud.com/vulnerabilities/208111>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-39147](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39147>) \n** DESCRIPTION: **XStream could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unsafe deserialization flaw. By manipulating the processed input stream, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/208115](<https://exchange.xforce.ibmcloud.com/vulnerabilities/208115>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-39148](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39148>) \n** DESCRIPTION: **XStream could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unsafe deserialization flaw. By manipulating the processed input stream, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/208116](<https://exchange.xforce.ibmcloud.com/vulnerabilities/208116>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-21347](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21347>) \n** DESCRIPTION: **XStream could allow a remote attacker to execute arbitrary code on the system, caused by a flaw when processing stream at unmarshalling time. By manipulating the processed input stream and replace or inject objects, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/198624](<https://exchange.xforce.ibmcloud.com/vulnerabilities/198624>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-21345](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21345>) \n** DESCRIPTION: **XStream could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by a flaw when processing stream at unmarshalling time. By manipulating the processed input stream and replace or inject objects, an attacker could exploit this vulnerability to execute arbitrary commands on the system. \nCVSS Base score: 8.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/198622](<https://exchange.xforce.ibmcloud.com/vulnerabilities/198622>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-26259](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26259>) \n** DESCRIPTION: **XStream could allow a remote attacker to delete arbitrary files from the system, caused by improper input sanitization. By manipulating the processed input, an attacker could exploit this vulnerability to delete arbitrary files from the system. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/193524](<https://exchange.xforce.ibmcloud.com/vulnerabilities/193524>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N) \n \n** CVEID: **[CVE-2021-39146](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39146>) \n** DESCRIPTION: **XStream could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unsafe deserialization flaw. By manipulating the processed input stream, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/208114](<https://exchange.xforce.ibmcloud.com/vulnerabilities/208114>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-21349](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21349>) \n** DESCRIPTION: **XStream is vulnerable to server-side request forgery, caused by a flaw when processing stream at unmarshalling time. By manipulating the processed input stream and replace or inject objects, an attacker could exploit this vulnerability to conduct SSRF attack to access data streams from an arbitrary URL referencing a resource in an intranet or the local host. \nCVSS Base score: 8.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/198626](<https://exchange.xforce.ibmcloud.com/vulnerabilities/198626>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N) \n \n** CVEID: **[CVE-2021-21350](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21350>) \n** DESCRIPTION: **XStream could allow a remote attacker to execute arbitrary code on the system, caused by a flaw when processing stream at unmarshalling time. By manipulating the processed input stream and replace or inject objects, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/198627](<https://exchange.xforce.ibmcloud.com/vulnerabilities/198627>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-21351](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21351>) \n** DESCRIPTION: **XStream could allow a remote attacker to execute arbitrary code on the system, caused by a flaw when processing stream at unmarshalling time. By manipulating the processed input stream and replace or inject objects, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/198628](<https://exchange.xforce.ibmcloud.com/vulnerabilities/198628>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-21346](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21346>) \n** DESCRIPTION: **XStream could allow a remote attacker to execute arbitrary code on the system, caused by a flaw when processing stream at unmarshalling time. By manipulating the processed input stream and replace or inject objects, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/198623](<https://exchange.xforce.ibmcloud.com/vulnerabilities/198623>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-39154](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39154>) \n** DESCRIPTION: **XStream could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unsafe deserialization flaw. By manipulating the processed input stream, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/208122](<https://exchange.xforce.ibmcloud.com/vulnerabilities/208122>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-21341](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21341>) \n** DESCRIPTION: **XStream is vulnerable to a denial of service, caused by an endless loop flaw when processing stream at unmarshalling time. By manipulating the processed input stream, a remote attacker could exploit this vulnerability to allocate 100% CPU time. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/198618](<https://exchange.xforce.ibmcloud.com/vulnerabilities/198618>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-39150](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39150>) \n** DESCRIPTION: **XStream is vulnerable to server-side request forgery, caused by an unsafe deserialization flaw. By manipulating the processed input stream, an attacker could exploit this vulnerability to conduct SSRF attack to request data from internal resources. \nCVSS Base score: 8.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/208118](<https://exchange.xforce.ibmcloud.com/vulnerabilities/208118>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-39152](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39152>) \n** DESCRIPTION: **XStream is vulnerable to server-side request forgery, caused by an unsafe deserialization flaw. By manipulating the processed input stream, an attacker could exploit this vulnerability to conduct SSRF attack to request data from internal resources. \nCVSS Base score: 8.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/208120](<https://exchange.xforce.ibmcloud.com/vulnerabilities/208120>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-39139](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39139>) \n** DESCRIPTION: **XStream could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unsafe deserialization flaw. By manipulating the processed input stream, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/208108](<https://exchange.xforce.ibmcloud.com/vulnerabilities/208108>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-43859](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43859>) \n** DESCRIPTION: **XStream is vulnerable to a denial of service, caused by improper input validation. By injecting highly recursive collections or maps, a remote attacker could exploit this vulnerability to allocate 100% CPU time on the system. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/219177](<https://exchange.xforce.ibmcloud.com/vulnerabilities/219177>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2022-22965](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22965>) \n** DESCRIPTION: **Spring Framework could allow a remote attacker to execute arbitrary code on the system, caused by the improper handling of PropertyDescriptor objects used with data binding. By sending specially-crafted data to a Spring Java application, an attacker could exploit this vulnerability to execute arbitrary code on the system. Note: The exploit requires Spring Framework to be run on Tomcat as a WAR deployment with JDK 9 or higher using spring-webmvc or spring-webflux. Note: This vulnerability is also known as Spring4Shell or SpringShell. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/223103](<https://exchange.xforce.ibmcloud.com/vulnerabilities/223103>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-28657](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28657>) \n** DESCRIPTION: **Apache Tika is vulnerable to a denial of service, caused by an infinite loop flaw in the MP3 parser. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/199112](<https://exchange.xforce.ibmcloud.com/vulnerabilities/199112>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-37714](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37714>) \n** DESCRIPTION: **jsoup is vulnerable to a denial of service, caused by improper input validation. By sending a specially-crafted input, a remote attacker could exploit this vulnerability to cause the HTML and XML parser to get stuck, timeout, or throw unchecked exceptions resulting in a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/207858](<https://exchange.xforce.ibmcloud.com/vulnerabilities/207858>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-36322](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36322>) \n** DESCRIPTION: **Linux Kernel is vulnerable to a denial of service, caused by a flaw in the fuse_do_getattr function in the FUSE filesystem implementation in . By sending a specially-crafted request, a local attacker could exploit this vulnerability to cause the system to crash. \nCVSS Base score: 6.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/200230](<https://exchange.xforce.ibmcloud.com/vulnerabilities/200230>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2022-23437](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23437>) \n** DESCRIPTION: **Apache Xerces2 Java XML Parser is vulnerable to a denial of service, caused by an infinite loop in the XML parser. By persuading a victim to open a specially-crafted XML document payloads, a remote attacker could exploit this vulnerability to consume system resources for prolonged duration. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217982](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217982>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2019-10086](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10086>) \n** DESCRIPTION: **Apache Commons Beanutils could allow a remote attacker to gain unauthorized access to the system, caused by the failure to suppresses the class property in bean introspection by default. An attacker could exploit this vulnerability to gain unauthorized access to the classloader. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/166353](<https://exchange.xforce.ibmcloud.com/vulnerabilities/166353>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2014-0114](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0114>) \n** DESCRIPTION: **Apache Struts could allow a remote attacker to execute arbitrary code on the system, caused by the failure to restrict the setting of Class Loader attributes. An attacker could exploit this vulnerability using the class parameter of an ActionForm object to manipulate the ClassLoader and execute arbitrary code on the system. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/92889](<https://exchange.xforce.ibmcloud.com/vulnerabilities/92889>) for the current score. \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:P) \n \n** CVEID: **[CVE-2022-27772](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27772>) \n** DESCRIPTION: **Spring Boot could allow a local authenticated attacker to gain elevated privileges on the system, caused by temporary directory hijacking in org.springframework.boot.web.server.AbstractConfigurableWebServerFactory.createTempDir method. By placing a specially-crafted file, an attacker could exploit this vulnerability to take over the application. \nCVSS Base score: 7.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/223090](<https://exchange.xforce.ibmcloud.com/vulnerabilities/223090>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-3752](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3752>) \n** DESCRIPTION: **Linux Kernel is vulnerable to a denial of service, caused by a use-after-free flaw in the Bluetooth module. By sending a specially-crafted payload, a local attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 6.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/209448](<https://exchange.xforce.ibmcloud.com/vulnerabilities/209448>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2015-4852](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4852>) \n** DESCRIPTION: **The WLS Security component in Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3.0, and 12.2.1.0 allows remote attackers to execute arbitrary commands via a crafted serialized Java object in T3 protocol traffic to TCP port 7001, related to oracle_common/modules/com.bea.core.apache.commons.collections.jar. NOTE: the scope of this CVE is limited to the WebLogic Server product. \nCVSS Base score: 9.8 \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2015-6420](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6420>) \n** DESCRIPTION: **Serialized-object interfaces in certain Cisco Collaboration and Social Media; Endpoint Clients and Client Software; Network Application, Service, and Acceleration; Network and Content Security Devices; Network Management and Provisioning; Routing and Switching - Enterprise and Service Provider; Unified Computing; Voice and Unified Communications Devices; Video, Streaming, TelePresence, and Transcoding Devices; Wireless; and Cisco Hosted Services products allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library. \nCVSS Base score: 9.8 \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2017-15708](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15708>) \n** DESCRIPTION: **Apache Synapse could allow a remote attacker to execute arbitrary code on the system, caused by a flaw in the Apache Commons Collections. By injecting specially-crafted serialized objects, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/136262](<https://exchange.xforce.ibmcloud.com/vulnerabilities/136262>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2015-7501](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7501>) \n** DESCRIPTION: **Red Hat JBoss A-MQ 6.x; BPM Suite (BPMS) 6.x; BRMS 6.x and 5.x; Data Grid (JDG) 6.x; Data Virtualization (JDV) 6.x and 5.x; Enterprise Application Platform 6.x, 5.x, and 4.3.x; Fuse 6.x; Fuse Service Works (FSW) 6.x; Operations Network (JBoss ON) 3.x; Portal 6.x; SOA Platform (SOA-P) 5.x; Web Server (JWS) 3.x; Red Hat OpenShift/xPAAS 3.x; and Red Hat Subscription Asset Manager 1.3 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library. \nCVSS Base score: 9.8 \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2019-13116](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13116>) \n** DESCRIPTION: **MuleSoft Mule runtime could allow a remote attacker to execute arbitrary code on the system, caused by Java deserialization, related to Apache Commons Collections. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/169704](<https://exchange.xforce.ibmcloud.com/vulnerabilities/169704>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-3564](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3564>) \n** DESCRIPTION: **Linux Kernel is vulnerable to a denial of service, caused by a double free memory corruption flaw in the implementation of the BlueTooth subsystem. By sending a specially-crafted request, a local authenticated attacker could exploit this vulnerability to cause the system to crash. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/202424](<https://exchange.xforce.ibmcloud.com/vulnerabilities/202424>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2015-1796](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1796>) \n** DESCRIPTION: **Shibboleth Identity Provider could allow a remote attacker to bypass security restrictions, caused by an error in the PKIX trust component. An attacker could exploit this vulnerability using a certificate issued by the shibmd:KeyAuthority trust anchors to impersonate any eneity. \nCVSS Base score: 5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/105594](<https://exchange.xforce.ibmcloud.com/vulnerabilities/105594>) for the current score. \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:P/A:N) \n \n** CVEID: **[CVE-2020-15522](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15522>) \n** DESCRIPTION: **Bouncy Castle BC Java, BC C# .NET, BC-FJA, BC-FNA could allow a remote attacker to obtain sensitive information, caused by a timing issue within the EC math library. By utilize cryptographic attack techniques, an attacker could exploit this vulnerability to obtain the private key information, and use this information to launch further attacks against the affected system. \nCVSS Base score: 5.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/202188](<https://exchange.xforce.ibmcloud.com/vulnerabilities/202188>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2020-26939](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26939>) \n** DESCRIPTION: **Legion of the Bouncy Castle BC and Legion of the Bouncy Castle BC-FJA could allow a remote attacker to obtain sensitive information, caused by observable differences in behavior to rrror inputs in org.bouncycastle.crypto.encodings.OAEPEncoding. By using the OAEP Decoder to send invalid ciphertext that decrypts to a short payload, a remote attacker could exploit this vulnerability to obtain sensitive information and use this information to launch further attacks against the affected system. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/191108](<https://exchange.xforce.ibmcloud.com/vulnerabilities/191108>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2019-17359](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17359>) \n** DESCRIPTION: **Bouncy Castle Crypto is vulnerable to a denial of service, caused by OutOfMemoryError error in ASN.1 parser. By sending specially crafted ASN.1 data, a local attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/168581](<https://exchange.xforce.ibmcloud.com/vulnerabilities/168581>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-22060](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22060>) \n** DESCRIPTION: **VMware Tanzu Spring Framework could allow a remote authenticated attacker to bypass security restrictions, caused by improper input validation. By sending a specially-crafted request, an attacker could exploit this vulnerability to insert additional log entries. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217183](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217183>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2020-25704](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25704>) \n** DESCRIPTION: **Linux Kernel is vulnerable to a denial of service, caused by a memory leak in the perf_event_parse_addr_filter function. By executing a specially-crafted program, a local attacker could exploit this vulnerability to exhaust available memory on the system. \nCVSS Base score: 6.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/191348](<https://exchange.xforce.ibmcloud.com/vulnerabilities/191348>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2022-0330](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0330>) \n** DESCRIPTION: **Linux Kernel could allow a local attacker to obtain sensitive information, caused by a security sensitive bug in the i915 kernel driver. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain sensitive information or cause random memory corruption. \nCVSS Base score: 5.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/218086](<https://exchange.xforce.ibmcloud.com/vulnerabilities/218086>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2021-35515](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35515>) \n** DESCRIPTION: **Apache Commons Compress is vulnerable to a denial of service, caused by an infinite loop flaw in the construction of the list of codecs that decompress an entry. By persuading a victim to open a specially-crafted 7Z archive, a remote attacker could exploit this vulnerability to cause a denial of service condition against services that use Compress' sevenz package. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/205304](<https://exchange.xforce.ibmcloud.com/vulnerabilities/205304>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2019-12402](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12402>) \n** DESCRIPTION: **Apache Commons Compress is vulnerable to a denial of service, caused by an error in the internal file name encoding algorithm. By choosing the file names inside of a specially crafted archive, a remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/165956](<https://exchange.xforce.ibmcloud.com/vulnerabilities/165956>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-35517](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35517>) \n** DESCRIPTION: **Apache Commons Compress is vulnerable to a denial of service, caused by an out of memory error when allocating large amounts of memory. By persuading a victim to open a specially-crafted TAR archive, a remote attacker could exploit this vulnerability to cause a denial of service condition against services that use Compress' tar package. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/205307](<https://exchange.xforce.ibmcloud.com/vulnerabilities/205307>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2018-1324](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1324>) \n** DESCRIPTION: **Apache Commons Compress is vulnerable to a denial of service, caused by an error in the extra field parser used by the ZipFile and ZipArchiveInputStream classes. By persuading a victim to open a specially crafted ZIP archive, a remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/140401](<https://exchange.xforce.ibmcloud.com/vulnerabilities/140401>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-36090](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36090>) \n** DESCRIPTION: **Apache Commons Compress is vulnerable to a denial of service, caused by an out-of-memory error when large amounts of memory are allocated. By reading a specially-crafted ZIP archive, a remote attacker could exploit this vulnerability to cause a denial of service condition against services that use Compress' zip package. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/205310](<https://exchange.xforce.ibmcloud.com/vulnerabilities/205310>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2018-11771](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11771>) \n** DESCRIPTION: **Apache Commons Compress is vulnerable to a denial of service, caused by the failure to return the correct EOF indication after the end of the stream has been reached by the ZipArchiveInputStream method. By reading a specially crafted ZIP archive, a remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. \nCVSS Base score: 3.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/148429](<https://exchange.xforce.ibmcloud.com/vulnerabilities/148429>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-35516](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35516>) \n** DESCRIPTION: **Apache Commons Compress is vulnerable to a denial of service, caused by an out-of-memory error when large amounts of memory are allocated. By reading a specially-crafted 7Z archive, a remote attacker could exploit this vulnerability to cause a denial of service condition against services that use Compress' sevenz package. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/205306](<https://exchange.xforce.ibmcloud.com/vulnerabilities/205306>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-23222](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23222>) \n** DESCRIPTION: **PostgreSQL is vulnerable to a man-in-the-middle attack, caused by improper validation of user-supplied input by libpq. A remote attacker could exploit this vulnerability to launch a man-in-the-middle attack to inject false responses to the client's first few queries, despite the use of SSL certificate verification and encryption. \nCVSS Base score: 3.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/218383](<https://exchange.xforce.ibmcloud.com/vulnerabilities/218383>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2020-9492](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9492>) \n** DESCRIPTION: **Apache Hadoop could allow a remote authenticated attacker to gain elevated privileges on the system, caused by improper validation of SPNEGO authorization header. By sending a specially-crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges to trigger services to send server credentials to a webhdfs path for capturing the service principal. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/195656](<https://exchange.xforce.ibmcloud.com/vulnerabilities/195656>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2018-8009](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8009>) \n** DESCRIPTION: **Apache Hadoop could could allow a remote attacker to traverse directories on the system. By persuading a victim to extract a specially-crafted ZIP archive containing \"dot dot slash\" sequences (../), an attacker could exploit this vulnerability to write to arbitrary files on the system. Note: This vulnerability is known as \"Zip-Slip\" \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/150617](<https://exchange.xforce.ibmcloud.com/vulnerabilities/150617>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N) \n \n** CVEID: **[CVE-2020-13936](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13936>) \n** DESCRIPTION: **Apache Velocity could allow a remote attacker to execute arbitrary code on the system, caused by a sandbox bypass flaw. By modifying the Velocity templates, an attacker could exploit this vulnerability to execute arbitrary code with the same privileges as the account running the Servlet container. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/197993](<https://exchange.xforce.ibmcloud.com/vulnerabilities/197993>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-10683](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10683>) \n** DESCRIPTION: **dom4j could allow a remote authenticated attacker to obtain sensitive information, caused by an XML external entity (XXE) error when processing XML data. By sending specially crafted XML data, a remote attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181356](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181356>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2021-35603](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35603>) \n** DESCRIPTION: **An unspecified vulnerability in Java SE related to the JSSE component could allow an unauthenticated attacker to obtain sensitive information resulting in a low confidentiality impact using unknown attack vectors. \nCVSS Base score: 3.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211676](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211676>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2020-13956](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13956>) \n** DESCRIPTION: **Apache HttpClient could allow a remote attacker to bypass security restrictions, caused by the improper handling of malformed authority component in request URIs. By passing request URIs to the library as java.net.URI object, an attacker could exploit this vulnerability to pick the wrong target host for request execution. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/189572](<https://exchange.xforce.ibmcloud.com/vulnerabilities/189572>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2021-40690](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40690>) \n** DESCRIPTION: **Apache Santuario XML Security for Java could allow a remote attacker to bypass security restrictions, caused by the improper passing of the \"secureValidation\" property when creating a KeyInfo from a KeyInfoReference element. An attacker could exploit this vulnerability to abuse an XPath Transform to extract any local .xml files in a RetrievalMethod element. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/209586](<https://exchange.xforce.ibmcloud.com/vulnerabilities/209586>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2014-3604](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3604>) \n** DESCRIPTION: **Not-Yet-Commons-SSL could allow a remote attacker to bypass security restrictions, caused by the failure to verify that the server hostname matches a domain name in the subject's Common Name (CN) field of the SSL certificates. By persuading a victim to visit a Web site containing a specially-crafted certificate, a remote attacker could exploit this vulnerability using man-in-the-middle techniques to cause the victim to impersonate trusted servers. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/97659](<https://exchange.xforce.ibmcloud.com/vulnerabilities/97659>) for the current score. \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N) \n \n** CVEID: **[CVE-2020-28052](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28052>) \n** DESCRIPTION: **Legion of the Bouncy Castle BC Java could allow a remote attacker to bypass security restrictions. The OpenBSDBCrypt.checkPassword utility method compares incorrect data when checking the password. By using brute force techniques, an attacker could exploit this vulnerability to allow incorrect passwords to indicate they were matching with previously hashed ones that were different. \nCVSS Base score: 9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/193563](<https://exchange.xforce.ibmcloud.com/vulnerabilities/193563>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2014-3643](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3643>) \n** DESCRIPTION: **Jersey could allow a remote attacker to obtain sensitive information, caused by an XML external entity (XXE) error when processing XML data by jersey SAX parser. By sending a specially-crafted XML data, a remote attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/174788](<https://exchange.xforce.ibmcloud.com/vulnerabilities/174788>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2012-5783](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5783>) \n** DESCRIPTION: **Apache Commons HttpClient, as used in Amazon Flexible Payments Service (FPS) merchant Java SDK and other products, could allow a remote attacker to conduct spoofing attacks, caused by the failure to verify that the server hostname matches a domain name in the subject's Common Name (CN) field of the X.509 certificate. By persuading a victim to visit a Web site containing a specially-crafted certificate, an attacker could exploit this vulnerability using man-in-the-middle techniques to spoof an SSL server. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/79984](<https://exchange.xforce.ibmcloud.com/vulnerabilities/79984>) for the current score. \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N) \n \n** CVEID: **[CVE-2022-23596](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23596>) \n** DESCRIPTION: **Junrar is vulnerable to a denial of service, caused by an infinite loop when extracting RAR files. By persuading a victim to open a specially-crafted RAR file, a remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/218764](<https://exchange.xforce.ibmcloud.com/vulnerabilities/218764>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-29425](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29425>) \n** DESCRIPTION: **Apache Commons IO could allow a remote attacker to traverse directories on the system, caused by improper input validation by the FileNameUtils.normalize method. An attacker could send a specially-crafted URL request containing \"dot dot\" sequences (/../) to view arbitrary files on the system. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/199852](<https://exchange.xforce.ibmcloud.com/vulnerabilities/199852>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2017-18640](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18640>) \n** DESCRIPTION: **SnakeYAML is vulnerable to a denial of service, caused by an entity expansion in Alias feature during a load operation. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/174331](<https://exchange.xforce.ibmcloud.com/vulnerabilities/174331>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-22569](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22569>) \n** DESCRIPTION: **Google Protocol Buffer (protobuf-java) is vulnerable to a denial of service, caused by an issue with allow interleaving of com.google.protobuf.UnknownFieldSet fields. By persuading a victim to open a specially-crafted content, a remote attacker could exploit this vulnerability to cause a timeout in ProtobufFuzzer function, and results in a denial of service condition. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/216851](<https://exchange.xforce.ibmcloud.com/vulnerabilities/216851>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2020-7746](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7746>) \n** DESCRIPTION: **Node.js chart.js moudle is vulnerable to a denial of service, caused by a prototype pollution flaw when processing the options parameter. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/190880](<https://exchange.xforce.ibmcloud.com/vulnerabilities/190880>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-38153](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38153>) \n** DESCRIPTION: **Apache Kafka could allow a remote attacker to obtain sensitive information, caused by a timing attack flaw due to the use of \"Arrays.equals\" to validate a password or key. By utilizing brute-force attack techniques, an attacker could exploit this vulnerability to obtain credentials information, and use this information to launch further attacks against the affected system. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/209762](<https://exchange.xforce.ibmcloud.com/vulnerabilities/209762>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2020-13954](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13954>) \n** DESCRIPTION: **Apache CXF is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the services listing page. A remote attacker could exploit this vulnerability using the styleSheetPath in a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/191650](<https://exchange.xforce.ibmcloud.com/vulnerabilities/191650>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** IBM X-Force ID: **220313 \n** DESCRIPTION: **PostgreSQL JDBC Driver could allow a remote attacker to gain unauthorized access to the system, caused by the exposure of the connection properties for configuring a pgjdbc connection. By specifying arbitrary connection properties, a remote attacker could exploit this vulnerability to gain unauthorized access to the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/220313 ](<https://exchange.xforce.ibmcloud.com/vulnerabilities/220313>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** IBM X-Force ID: **220912 \n** DESCRIPTION: **Apache HttpComponents Client could allow a remote attacker to traverse directories on the system, caused by improper validation of user requests. An attacker could send a specially-crafted URL request containing \"dot dot\" sequences (/../) to view files on the system. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/220912 ](<https://exchange.xforce.ibmcloud.com/vulnerabilities/220912>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM DRM| 2.0.6.12 \n \n\n\n## Remediation/Fixes\n\nTo obtain fixes for all reported issues, customers are advised first to upgrade to v2.0.6.12, and then apply the latest FixPack 2.0.6.13.\n\n_Product_| _VRMF_| _APAR \n_| _Remediation / First Fix_ \n---|---|---|--- \nIBM Data Risk Manager| 2.0.6.12| \n\n-\n\n| \n\n1) Apply [DRM_2.0.6.13_FixPack](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=IBM%20Security&product=ibm/Other+software/IBM+Data+Risk+Manager&release=2.0.6.12&platform=Linux&function=all>) \n \n---|---|---|--- \n \n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\n06 Apr 2022: Initial Publication\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Product\":{\"code\":\"SSJQ6V\",\"label\":\"IBM Data Risk Manager\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF004\",\"label\":\"Appliance\"}],\"Version\":\"2.0.6.12\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB24\",\"label\":\"Security Software\"}}]", "cvss3": {"exploitabilityScore": 3.1, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 9.9, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2022-04-11T15:17:28", "type": "ibm", "title": "Security Bulletin: IBM Data Risk Manager is affected by multiple vulnerabilities including a remote code execution in Spring Framework (CVE-2022-22965)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-2098", "CVE-2012-5783", "CVE-2014-0114", "CVE-2014-3604", "CVE-2014-3643", "CVE-2015-1796", "CVE-2015-4852", "CVE-2015-6420", "CVE-2015-7501", "CVE-2016-1000027", "CVE-2016-10735", "CVE-2016-6796", "CVE-2017-15708", "CVE-2017-18640", "CVE-2018-10237", "CVE-2018-11771", "CVE-2018-1324", "CVE-2018-14040", "CVE-2018-14042", "CVE-2018-20676", "CVE-2018-20677", "CVE-2018-8009", "CVE-2019-10086", "CVE-2019-10202", "CVE-2019-12402", "CVE-2019-12415", "CVE-2019-13116", "CVE-2019-17359", "CVE-2019-8331", "CVE-2020-10683", "CVE-2020-13936", "CVE-2020-13954", "CVE-2020-13956", "CVE-2020-15522", "CVE-2020-25704", "CVE-2020-26217", "CVE-2020-26258", "CVE-2020-26259", "CVE-2020-26939", "CVE-2020-28052", "CVE-2020-36322", "CVE-2020-5421", "CVE-2020-7746", "CVE-2020-8908", "CVE-2020-9492", "CVE-2021-21341", "CVE-2021-21342", "CVE-2021-21343", "CVE-2021-21344", "CVE-2021-21345", "CVE-2021-21346", "CVE-2021-21347", "CVE-2021-21348", "CVE-2021-21349", "CVE-2021-21350", "CVE-2021-21351", "CVE-2021-22060", "CVE-2021-22096", "CVE-2021-22118", "CVE-2021-22569", "CVE-2021-23222", "CVE-2021-27807", "CVE-2021-27906", "CVE-2021-28657", "CVE-2021-29425", "CVE-2021-29505", "CVE-2021-31811", "CVE-2021-31812", "CVE-2021-35515", "CVE-2021-35516", "CVE-2021-35517", "CVE-2021-35550", "CVE-2021-35603", "CVE-2021-3564", "CVE-2021-3573", "CVE-2021-36090", "CVE-2021-36373", "CVE-2021-3752", "CVE-2021-37714", "CVE-2021-38153", "CVE-2021-39139", "CVE-2021-39140", "CVE-2021-39141", "CVE-2021-39144", "CVE-2021-39145", "CVE-2021-39146", "CVE-2021-39147", "CVE-2021-39148", "CVE-2021-39149", "CVE-2021-39150", "CVE-2021-39151", "CVE-2021-39152", "CVE-2021-39153", "CVE-2021-39154", "CVE-2021-40690", "CVE-2021-4155", "CVE-2021-43859", "CVE-2022-0330", "CVE-2022-21248", "CVE-2022-21291", "CVE-2022-21293", "CVE-2022-21294", "CVE-2022-21305", "CVE-2022-21340", "CVE-2022-21341", "CVE-2022-21349", "CVE-2022-21360", "CVE-2022-21365", "CVE-2022-22942", "CVE-2022-22950", "CVE-2022-22965", "CVE-2022-23181", "CVE-2022-23437", "CVE-2022-23596", "CVE-2022-27772"], "modified": "2022-04-11T15:17:28", "id": "B2EA2FBA4D280351FEA7F9EC1921C448D44F4D9EC613590A87A15467F7D34153", "href": "https://www.ibm.com/support/pages/node/6570915", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-28T21:57:23", "description": "## Summary\n\nIBM Security Guardium has fixed these vulnerabilities.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-35560](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35560>) \n** DESCRIPTION: **An unspecified vulnerability in Java SE related to the Deployment component could allow an unauthenticated attacker to take control of the system. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211636](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211636>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-35586](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35586>) \n** DESCRIPTION: **An unspecified vulnerability in Java SE related to the ImageIO component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211661](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211661>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-35578](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35578>) \n** DESCRIPTION: **An unspecified vulnerability in Java SE related to the JSSE component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211654](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211654>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-35564](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35564>) \n** DESCRIPTION: **An unspecified vulnerability in Java SE related to the Keytool component could allow an unauthenticated attacker to cause no confidentiality impact, low integrity impact, and no availability impact. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211640](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211640>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2021-35559](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35559>) \n** DESCRIPTION: **An unspecified vulnerability in Java SE related to the Swing component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211635](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211635>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-35556](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35556>) \n** DESCRIPTION: **An unspecified vulnerability in Java SE related to the Swing component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211632](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211632>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-35565](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35565>) \n** DESCRIPTION: **An unspecified vulnerability in Java SE related to the JSSE component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211641](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211641>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-35588](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35588>) \n** DESCRIPTION: **An unspecified vulnerability in Java SE related to the VM component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors. \nCVSS Base score: 3.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211662](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211662>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-41035](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41035>) \n** DESCRIPTION: **Eclipse Openj9 could allow a remote attacker to gain elevated privileges on the system, caused by not throwing IllegalAccessError for MethodHandles that invoke inaccessible interface methods. By persuading a victim to execute a specially-crafted program under a security manager, an attacker could exploit this vulnerability to gain elevated privileges and execute arbitrary code on the system. \nCVSS Base score: 7.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/212010](<https://exchange.xforce.ibmcloud.com/vulnerabilities/212010>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-35608](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35608>) \n** DESCRIPTION: **An unspecified vulnerability in Oracle MySQL Server related to the Server: Group Replication Plugin component could allow an authenticated attacker to cause a denial of service resulting in a high availability impact using unknown attack vectors. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211680](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211680>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-35637](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35637>) \n** DESCRIPTION: **An unspecified vulnerability in Oracle MySQL Server related to the Server: PS component could allow an authenticated attacker to cause a denial of service resulting in a high availability impact using unknown attack vectors. \nCVSS Base score: 4.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211706](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211706>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-35594](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35594>) \n** DESCRIPTION: **An unspecified vulnerability in Oracle MySQL Cluster related to the Cluster: General component could allow an authenticated attacker to take control of the system. \nCVSS Base score: 6.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211668](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211668>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-35591](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35591>) \n** DESCRIPTION: **An unspecified vulnerability in Oracle MySQL Server related to the Server: DML component could allow an authenticated attacker to cause a denial of service resulting in a high availability impact using unknown attack vectors. \nCVSS Base score: 4.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211665](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211665>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-35593](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35593>) \n** DESCRIPTION: **An unspecified vulnerability in Oracle MySQL Cluster related to the Cluster: General component could allow an authenticated attacker to take control of the system. \nCVSS Base score: 6.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211667](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211667>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-35638](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35638>) \n** DESCRIPTION: **An unspecified vulnerability in Oracle MySQL Server related to the Server: Optimizer component could allow an authenticated attacker to cause a denial of service resulting in a high availability impact using unknown attack vectors. \nCVSS Base score: 4.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211707](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211707>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-35584](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35584>) \n** DESCRIPTION: **An unspecified vulnerability in Oracle MySQL Cluster related to the Cluster: ndbcluster/plugin DDL component could allow an authenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211659](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211659>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-35648](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35648>) \n** DESCRIPTION: **An unspecified vulnerability in MySQL Server related to the Server: FTS component could allow an authenticated attacker to cause a denial of service resulting in a high availability impact using unknown attack vectors. \nCVSS Base score: 4.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211717](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211717>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-35640](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35640>) \n** DESCRIPTION: **An unspecified vulnerability in Oracle MySQL Server related to the Server: DDL component could allow an authenticated attacker to cause no confidentiality impact, low integrity impact, and no availability impact. \nCVSS Base score: 2.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211709](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211709>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2021-35624](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35624>) \n** DESCRIPTION: **An unspecified vulnerability in Oracle MySQL Server related to the Server: Security: Privileges component could allow an authenticated attacker to cause no confidentiality impact, high integrity impact, and no availability impact. \nCVSS Base score: 4.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211693](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211693>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N) \n \n** CVEID: **[CVE-2021-2481](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2481>) \n** DESCRIPTION: **An unspecified vulnerability in Oracle MySQL Server related to the Server: Optimizer component could allow an authenticated attacker to cause a denial of service resulting in a high availability impact using unknown attack vectors. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211611](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211611>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-35642](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35642>) \n** DESCRIPTION: **An unspecified vulnerability in Oracle MySQL Server related to the Server: Optimizer component could allow an authenticated attacker to cause a denial of service resulting in a high availability impact using unknown attack vectors. \nCVSS Base score: 4.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211711](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211711>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-35645](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35645>) \n** DESCRIPTION: **An unspecified vulnerability in Oracle MySQL Server related to the Server: Optimizer component could allow an authenticated attacker to cause a denial of service resulting in a high availability impact using unknown attack vectors. \nCVSS Base score: 4.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211714](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211714>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-35639](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35639>) \n** DESCRIPTION: **An unspecified vulnerability in Oracle MySQL Server related to the Server: Stored Procedure component could allow an authenticated attacker to cause a denial of service resulting in a high availability impact using unknown attack vectors. \nCVSS Base score: 4.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211708](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211708>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-35597](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35597>) \n** DESCRIPTION: **An unspecified vulnerability in Oracle MySQL Client related to the C API component could allow an authenticated attacker to cause a denial of service resulting in a high availability impact using unknown attack vectors. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211671](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211671>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-35613](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35613>) \n** DESCRIPTION: **An unspecified vulnerability in Oracle MySQL Cluster related to the Cluster: General component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors. \nCVSS Base score: 3.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211685](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211685>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-35631](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35631>) \n** DESCRIPTION: **An unspecified vulnerability in Oracle MySQL Server related to the Server: GIS component could allow an authenticated attacker to cause a denial of service resulting in a high availability impact using unknown attack vectors. \nCVSS Base score: 4.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211700](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211700>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-2479](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2479>) \n** DESCRIPTION: **An unspecified vulnerability in Oracle MySQL Server related to the Server: DML component could allow an authenticated attacker to cause a denial of service resulting in a high availability impact using unknown attack vectors. \nCVSS Base score: 4.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211609](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211609>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-35546](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35546>) \n** DESCRIPTION: **An unspecified vulnerability in Oracle MySQL Server related to the Server: Replication component could allow an authenticated attacker to cause a denial of service resulting in a high availability impact using unknown attack vectors. \nCVSS Base score: 4.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211625](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211625>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-35625](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35625>) \n** DESCRIPTION: **An unspecified vulnerability in Oracle MySQL Server related to the Server: Security: Privileges component could allow an authenticated attacker to obtain sensitive information resulting in a low confidentiality impact using unknown attack vectors. \nCVSS Base score: 2.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211694](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211694>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2021-35635](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35635>) \n** DESCRIPTION: **An unspecified vulnerability in Oracle MySQL Server related to the Server: Optimizer component could allow an authenticated attacker to cause a denial of service resulting in a high availability impact using unknown attack vectors. \nCVSS Base score: 4.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211704](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211704>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-35636](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35636>) \n** DESCRIPTION: **An unspecified vulnerability in Oracle MySQL Server related to the Server: Optimizer component could allow an authenticated attacker to cause a denial of service resulting in a high availability impact using unknown attack vectors. \nCVSS Base score: 4.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211705](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211705>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-35627](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35627>) \n** DESCRIPTION: **An unspecified vulnerability in Oracle MySQL Server related to the Server: Optimizer component could allow an authenticated attacker to cause a denial of service resulting in a high availability impact using unknown attack vectors. \nCVSS Base score: 4.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211696](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211696>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-35628](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35628>) \n** DESCRIPTION: **An unspecified vulnerability in Oracle MySQL Server related to the Server: Optimizer component could allow an authenticated attacker to cause a denial of service resulting in a high availability impact using unknown attack vectors. \nCVSS Base score: 4.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211697](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211697>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-2471](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2471>) \n** DESCRIPTION: **An unspecified vulnerability in Oracle MySQL Connectors related to the Connector/J component could allow an authenticated attacker to cause high confidentiality impact, no integrity impact, and high availability impact. \nCVSS Base score: 5.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211603](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211603>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:H) \n \n** CVEID: **[CVE-2021-35626](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35626>) \n** DESCRIPTION: **An unspecified vulnerability in Oracle MySQL Server related to the Server: Optimizer component could allow an authenticated attacker to cause a denial of service resulting in a high availability impact using unknown attack vectors. \nCVSS Base score: 4.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211695](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211695>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-35592](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35592>) \n** DESCRIPTION: **An unspecified vulnerability in Oracle MySQL related to the Cluster: General component could allow an authenticated attacker to take control of the system. \nCVSS Base score: 6.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211666](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211666>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-35629](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35629>) \n** DESCRIPTION: **An unspecified vulnerability in Oracle MySQL Server related to the Server: Optimizer component could allow an authenticated attacker to cause a denial of service resulting in a high availability impact using unknown attack vectors. \nCVSS Base score: 4.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211698](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211698>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-35583](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35583>) \n** DESCRIPTION: **An unspecified vulnerability in Oracle MySQL Server related to the Server: Windows component could allow an unauthenticated attacker to cause a denial of service resulting in a high availability impact using unknown attack vectors. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211658](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211658>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-35598](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35598>) \n** DESCRIPTION: **An unspecified vulnerability in Oracle MySQL Cluster related to the Cluster: General component could allow an authenticated attacker to take control of the system. \nCVSS Base score: 6.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211672](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211672>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-35575](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35575>) \n** DESCRIPTION: **An unspecified vulnerability in Oracle MySQL Server related to the Server: Optimizer component could allow an authenticated attacker to cause a denial of service resulting in a high availability impact using unknown attack vectors. \nCVSS Base score: 4.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211651](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211651>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-35596](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35596>) \n** DESCRIPTION: **An unspecified vulnerability in Oracle MySQL Server related to the Server: Error Handling component could allow an authenticated attacker to cause a denial of service resulting in a high availability impact using unknown attack vectors. \nCVSS Base score: 4.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211670](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211670>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-35646](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35646>) \n** DESCRIPTION: **An unspecified vulnerability in Oracle MySQL Server related to the Server: Optimizer component could allow an authenticated attacker to cause a denial of service resulting in a high availability impact using unknown attack vectors. \nCVSS Base score: 4.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211715](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211715>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-35630](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35630>) \n** DESCRIPTION: **An unspecified vulnerability in Oracle MySQL Server related to the Server: Options component could allow an authenticated attacker to cause no confidentiality impact, high integrity impact, and no availability impact. \nCVSS Base score: 4.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211699](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211699>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N) \n \n** CVEID: **[CVE-2021-35618](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35618>) \n** DESCRIPTION: **An unspecified vulnerability in Oracle MySQL Cluster related to the Cluster: General component could allow an authenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors. \nCVSS Base score: 1.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211687](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211687>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:A/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-2478](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2478>) \n** DESCRIPTION: **An unspecified vulnerability in Oracle MySQL Server related to the Server: DML component could allow an authenticated attacker to cause a denial of service resulting in a high availability impact using unknown attack vectors. \nCVSS Base score: 4.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211608](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211608>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-35647](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35647>) \n** DESCRIPTION: **An unspecified vulnerability in Oracle MySQL Server related to the Server: Optimizer component could allow an authenticated attacker to cause a denial of service resulting in a high availability impact using unknown attack vectors. \nCVSS Base score: 4.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211716](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211716>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-35634](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35634>) \n** DESCRIPTION: **An unspecified vulnerability in Oracle MySQL Server related to the Server: Optimizer component could allow an authenticated attacker to cause a denial of service resulting in a high availability impact using unknown attack vectors. \nCVSS Base score: 4.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211703](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211703>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-35602](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35602>) \n** DESCRIPTION: **An unspecified vulnerability in Oracle MySQL Server related to the Server: Options component could allow an authenticated attacker to cause no confidentiality impact, low integrity impact, and high availability impact. \nCVSS Base score: 5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211675](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211675>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H) \n \n** CVEID: **[CVE-2021-35643](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35643>) \n** DESCRIPTION: **An unspecified vulnerability in Oracle MySQL Server related to the Server: Optimizer component could allow an authenticated attacker to cause a denial of service resulting in a high availability impact using unknown attack vectors. \nCVSS Base score: 4.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211712](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211712>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-35644](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35644>) \n** DESCRIPTION: **An unspecified vulnerability in Oracle MySQL Server related to the Server: Optimizer component could allow an authenticated attacker to cause a denial of service resulting in a high availability impact using unknown attack vectors. \nCVSS Base score: 4.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211713](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211713>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-35610](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35610>) \n** DESCRIPTION: **An unspecified vulnerability in Orackle MySQL Server related to the Server: Optimizer component could allow an authenticated attacker to cause no confidentiality impact, low integrity impact, and high availability impact. \nCVSS Base score: 7.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211682](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211682>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H) \n \n** CVEID: **[CVE-2021-35623](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35623>) \n** DESCRIPTION: **An unspecified vulnerability in Oracle MySQL Server related to the Server: Security: Roles component could allow an authenticated attacker to obtain sensitive information resulting in a low confidentiality impact using unknown attack vectors. \nCVSS Base score: 2.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211692](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211692>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2021-35621](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35621>) \n** DESCRIPTION: **An unspecified vulnerability in Oracle MySQL Cluster related to the Cluster: General component could allow an authenticated attacker to take control of the system. \nCVSS Base score: 6.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211690](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211690>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-35537](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35537>) \n** DESCRIPTION: **An unspecified vulnerability in Oracle MySQL Server related to the MySQL Protocol could allow a remote authenticated attacker to cause a denial of service resulting in a high availability impact using unknown attack vectors. \nCVSS Base score: 4.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211617](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211617>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-35633](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35633>) \n** DESCRIPTION: **An unspecified vulnerability in Oracle MySQL Server related to the Server: Logging component could allow an authenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors. \nCVSS Base score: 2.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211702](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211702>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-35604](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35604>) \n** DESCRIPTION: **An unspecified vulnerability in Oracle MySQL Server related to the InnoDB component could allow an authenticated attacker to cause no confidentiality impact, low integrity impact, and high availability impact. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211677](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211677>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H) \n \n** CVEID: **[CVE-2021-35612](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35612>) \n** DESCRIPTION: **An unspecified vulnerability in Oracle MySQL Server related to the Server: Optimizer component could allow an authenticated attacker to cause no confidentiality impact, low integrity impact, and high availability impact. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211684](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211684>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H) \n \n** CVEID: **[CVE-2021-35590](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35590>) \n** DESCRIPTION: **An unspecified vulnerability in Oracle MySQL Cluster related to the Cluster: General component could allow an authenticated attacker to take control of the system. \nCVSS Base score: 6.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211664](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211664>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-35577](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35577>) \n** DESCRIPTION: **An unspecified vulnerability in Oracle MySQL Server related to the Server: Optimizer component could allow an authenticated attacker to cause a denial of service resulting in a high availability impact using unknown attack vectors. \nCVSS Base score: 4.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211653](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211653>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-35607](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35607>) \n** DESCRIPTION: **An unspecified vulnerability in Oracle MySQL Server related to the Server: DML component could allow an authenticated attacker to cause a denial of service resulting in a high availability impact using unknown attack vectors. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211679](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211679>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Security Guardium| 10.5 \nIBM Security Guardium| 10.6 \nIBM Security Guardium| 11.0 \nIBM Security Guardium| 11.1 \nIBM Security Guardium| 11.2 \nIBM Security Guardium| 11.3 \nIBM Security Guardium| 11.4 \n \n## Remediation/Fixes\n\nIBM strongly recommends addressing the vulnerabilities now by updating your systems.\n\n** Product**| **Versions**| ** Fix** \n---|---|--- \nIBM Security Guardium| 10.5| [http://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Security&product=ibm/Information+Management/InfoSphere+Guardium&release=10.0&platform=Linux&function=fixId&fixids=SqlGuard_10.0p550_Bundle_Mar-27-2022&includeSupersedes=0&source=fc](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Security&product=ibm/Information+Management/InfoSphere+Guardium&release=10.0&platform=Linux&function=fixId&fixids=SqlGuard_10.0p550_Bundle_Mar-27-2022&includeSupersedes=0&source=fc>) \nIBM Security Guardium| 10.6| [http://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Security&product=ibm/Information+Management/InfoSphere+Guardium&release=10.0&platform=Linux&function=fixId&fixids=SqlGuard_10.0p690_Bundle_Mar-09-2022&includeSupersedes=0&source=fc](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Security&product=ibm/Information+Management/InfoSphere+Guardium&release=10.0&platform=Linux&function=fixId&fixids=SqlGuard_10.0p690_Bundle_Mar-09-2022&includeSupersedes=0&source=fc>) \nIBM Security Guardium| 11.0| [http://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Security&product=ibm/Information+Management/InfoSphere+Guardium&release=11.0&platform=Linux&function=fixId&fixids=SqlGuard_11.0p45_Bundle_May-03-2022&includeSupersedes=0&source=fc](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Security&product=ibm/Information+Management/InfoSphere+Guardium&release=11.0&platform=Linux&function=fixId&fixids=SqlGuard_11.0p45_Bundle_May-03-2022&includeSupersedes=0&source=fc>) \nIBM Security Guardium| 11.1| [http://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Security&product=ibm/Information+Management/InfoSphere+Guardium&release=11.0&platform=Linux&function=fixId&fixids=SqlGuard_11.0p160_Bundle_Mar-23-2022&includeSupersedes=0&source=fc](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Security&product=ibm/Information+Management/InfoSphere+Guardium&release=11.0&platform=Linux&function=fixId&fixids=SqlGuard_11.0p160_Bundle_Mar-23-2022&includeSupersedes=0&source=fc>) \nIBM Security Guardium| 11.2| [http://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Security&product=ibm/Information+Management/InfoSphere+Guardium&release=11.0&platform=Linux&function=fixId&fixids=SqlGuard_11.0p270_Bundle_Feb-24-2022&includeSupersedes=0&source=fc](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Security&product=ibm/Information+Management/InfoSphere+Guardium&release=11.0&platform=Linux&function=fixId&fixids=SqlGuard_11.0p270_Bundle_Feb-24-2022&includeSupersedes=0&source=fc>) \nIBM Security Guardium| 11.3| [http://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Security&product=ibm/Information+Management/InfoSphere+Guardium&release=11.0&platform=Linux&function=fixId&fixids=SqlGuard_11.0p350_Bundle_Jan-13-2022&includeSupersedes=0&source=fc](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Security&product=ibm/Information+Management/InfoSphere+Guardium&release=11.0&platform=Linux&function=fixId&fixids=SqlGuard_11.0p350_Bundle_Jan-13-2022&includeSupersedes=0&source=fc>) \nIBM Security Guardium| 11.4| [http://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Security&product=ibm/Information+Management/InfoSphere+Guardium&release=11.0&platform=Linux&function=fixId&fixids=SqlGuard_11.0p430_Bundle_Apr-28-2022&includeSupersedes=0&source=fc](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Security&product=ibm/Information+Management/InfoSphere+Guardium&release=11.0&platform=Linux&function=fixId&fixids=SqlGuard_11.0p430_Bundle_Apr-28-2022&includeSupersedes=0&source=fc>) \n \n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Acknowledgement\n\n## Change History\n\n15 Mar 2022: Initial Publication \n18 Mar 2022: Second Publication \n11 May 2022: Third Publication\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Product\":{\"code\":\"SSMPHH\",\"label\":\"IBM Security Guardium\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF016\",\"label\":\"Linux\"}],\"Version\":\"10.5, 10.6, 11.0, 11.1, 11.2, 11.3, 11.4\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB24\",\"label\":\"Security Software\"}}]", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-05-12T14:14:41", "type": "ibm", "title": "Security Bulletin: IBM Security Guardium is affected by multiple vulnerabilities", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.9, "vectorString": "AV:N/AC:M/Au:S/C:C/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 9.2, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-2471", "CVE-2021-2478", "CVE-2021-2479", "CVE-2021-2481", "CVE-2021-35537", "CVE-2021-35546", "CVE-2021-35556", "CVE-2021-35559", "CVE-2021-35560", "CVE-2021-35564", "CVE-2021-35565", "CVE-2021-35575", "CVE-2021-35577", "CVE-2021-35578", "CVE-2021-35583", "CVE-2021-35584", "CVE-2021-35586", "CVE-2021-35588", "CVE-2021-35590", "CVE-2021-35591", "CVE-2021-35592", "CVE-2021-35593", "CVE-2021-35594", "CVE-2021-35596", "CVE-2021-35597", "CVE-2021-35598", "CVE-2021-35602", "CVE-2021-35604", "CVE-2021-35607", "CVE-2021-35608", "CVE-2021-35610", "CVE-2021-35612", "CVE-2021-35613", "CVE-2021-35618", "CVE-2021-35621", "CVE-2021-35623", "CVE-2021-35624", "CVE-2021-35625", "CVE-2021-35626", "CVE-2021-35627", "CVE-2021-35628", "CVE-2021-35629", "CVE-2021-35630", "CVE-2021-35631", "CVE-2021-35633", "CVE-2021-35634", "CVE-2021-35635", "CVE-2021-35636", "CVE-2021-35637", "CVE-2021-35638", "CVE-2021-35639", "CVE-2021-35640", "CVE-2021-35642", "CVE-2021-35643", "CVE-2021-35644", "CVE-2021-35645", "CVE-2021-35646", "CVE-2021-35647", "CVE-2021-35648", "CVE-2021-41035"], "modified": "2022-05-12T14:14:41", "id": "A88A9645C8F75892D90D8542DC9FBE5895FAA1BF48BAF9F16E2A36E690C7A8F5", "href": "https://www.ibm.com/support/pages/node/6563573", "cvss": {"score": 7.9, "vector": "AV:N/AC:M/Au:S/C:C/I:N/A:C"}}, {"lastseen": "2022-06-28T22:02:53", "description": "## Summary\n\nCloud Pak for Security (CP4S) v1.8.1.0 and earlier uses packages that are vulnerable to several CVEs. These have been remediated in the latest product release. Please see below for CVE details and the Remediation section for upgrade instructions. \n\n## Vulnerability Details\n\n** CVEID: **[CVE-2015-8985](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8985>) \n** DESCRIPTION: **glibc is vulnerable to a denial of service, caused by a flaw in the pop_fail_stack function. By using a specially crafted extended regular expression, a remote attacker could cause an assertion failure and application crash. \nCVSS Base score: 5.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/126591](<https://exchange.xforce.ibmcloud.com/vulnerabilities/126591>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2015-8984](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8984>) \n** DESCRIPTION: **glibc is vulnerable to a denial of service, caused by an out-of-bounds read in the fnmatch function. By using a malformed pattern, a remote attacker could cause the application crash. \nCVSS Base score: 5.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/126595](<https://exchange.xforce.ibmcloud.com/vulnerabilities/126595>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-3426](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3426>) \n** DESCRIPTION: **Python pydoc module could allow a remote attacker from within the local network obtain sensitive information. By starting the pydoc server, an attacker could exploit this vulnerability to extract arbitrary files. \nCVSS Base score: 5.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/201171](<https://exchange.xforce.ibmcloud.com/vulnerabilities/201171>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2007-3716](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3716>) \n** DESCRIPTION: **Sun JRE (Java Runtime Environment) and JDK (Java Developer's Kit) could allow a remote attacker to execute arbitrary code on the system, caused by a vulnerability in the XML Digital Signature implementation. By sending a specially-crafted XML signature containing a malicious XSLT stylesheet, a remote attacker could exploit this vulnerability to execute arbitrary code on the system with the application's permissions. \nCVSS Base score: 5.6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/35332](<https://exchange.xforce.ibmcloud.com/vulnerabilities/35332>) for the current score. \nCVSS Vector: \n \n** CVEID: **[CVE-2017-18018](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18018>) \n** DESCRIPTION: **GNU Coreutils could allow a local attacker to bypass security restrictions, caused by not preventing replacement of a plain file with a symlink issue in chown-core.c. By sending a specially-crafted request, an attacker could exploit this vulnerability to modify the ownership of arbitrary files. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/137123](<https://exchange.xforce.ibmcloud.com/vulnerabilities/137123>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N) \n \n** CVEID: **[CVE-2018-17101](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17101>) \n** DESCRIPTION: **LibTIFF is vulnerable to a denial of service, caused by an out-of-bounds write in cpTags in tools/tiff2bw.c and tools/pal2rgb.c. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/149976](<https://exchange.xforce.ibmcloud.com/vulnerabilities/149976>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-10001](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10001>) \n** DESCRIPTION: **Apple macOS could allow a remote attacker to obtain sensitive information, caused by improper input validation by the CUPS component. By persuading a victim to open a specially-crafted application, an attacker could exploit this vulnerability to obtain restricted memory information, and use this information to launch further attacks against the affected system. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/199353](<https://exchange.xforce.ibmcloud.com/vulnerabilities/199353>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2020-35448](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35448>) \n** DESCRIPTION: **GNU Binutils is vulnerable to a denial of service, caused by a heap-based buffer over-read can occur in bfd_getl_signed_32 in libbfd.c in the Binary File Descriptor (BFD) library (aka libbfd). By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/193875](<https://exchange.xforce.ibmcloud.com/vulnerabilities/193875>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-26927](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26927>) \n** DESCRIPTION: **JasPer is vulnerable to a denial of service, caused by a NULL pointer dereference in jp2_decode in jp2_dec.c. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability cause the application to crash. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/197351](<https://exchange.xforce.ibmcloud.com/vulnerabilities/197351>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-28153](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28153>) \n** DESCRIPTION: **GNOME GLib could allow a remote attacker to bypass security restrictions, caused by a flaw when g_file_replace() function is used with G_FILE_CREATE_REPLACE_DESTINATION to replace a path that is a dangling symlink. By persuading a victim to open a specially-crafted ZIP archive, an attacker could exploit this vulnerability to overwrite arbitrary files on the sytem. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/198147](<https://exchange.xforce.ibmcloud.com/vulnerabilities/198147>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N) \n \n** CVEID: **[CVE-2017-13728](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13728>) \n** DESCRIPTION: **GNU ncurses is vulnerable to a denial of service, caused by an error in the next_char function in comp_scan.c. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/131172](<https://exchange.xforce.ibmcloud.com/vulnerabilities/131172>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2017-7613](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7613>) \n** DESCRIPTION: **Elfutils is vulnerable to a denial of service, caused by memory allocation failure in elflint.c . By persuading a victim to open a crafted ELF file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/124513](<https://exchange.xforce.ibmcloud.com/vulnerabilities/124513>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2017-7612](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7612>) \n** DESCRIPTION: **Elfutils is vulnerable to a denial of service, caused by heap-based buffer over-read in the check_sysv_hash function in elflint.c. By persuading a victim to open a crafted ELF file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/124512](<https://exchange.xforce.ibmcloud.com/vulnerabilities/124512>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2017-7611](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7611>) \n** DESCRIPTION: **Elfutils is vulnerable to a denial of service, caused by heap-based buffer over-read in check_symtab_shndx function in elflint.c . By persuading a victim to open a crafted ELF file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/124511](<https://exchange.xforce.ibmcloud.com/vulnerabilities/124511>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2017-7610](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7610>) \n** DESCRIPTION: **Elfutils is vulnerable to a denial of service, caused by heap-based buffer over-read check_group function in elflint.c. By persuading a victim to open a crafted ELF file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/124510](<https://exchange.xforce.ibmcloud.com/vulnerabilities/124510>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2017-7609](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7609>) \n** DESCRIPTION: **Elfutils is vulnerable to a denial of service, caused by memory consumption in elf_compress.c. By persuading a victim to open a crafted ELF file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/124509](<https://exchange.xforce.ibmcloud.com/vulnerabilities/124509>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2017-7608](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7608>) \n** DESCRIPTION: **Elfutils is vulnerable to a denial of service, caused by heap-based buffer over-read in ebl_object_note_type_name function in eblobjnotetypename.c. By persuading a victim to open a crafted ELF file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/124508](<https://exchange.xforce.ibmcloud.com/vulnerabilities/124508>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2017-7607](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7607>) \n** DESCRIPTION: **Elfutils is vulnerable to a denial of service, caused by heap-based buffer over-read handle_gnu_hash function in readelf.c. By persuading a victim to open a crafted ELF file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/124507](<https://exchange.xforce.ibmcloud.com/vulnerabilities/124507>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2016-10255](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10255>) \n** DESCRIPTION: **Elfutils is vulnerable to a denial of service, caused by memory allocation failure in __libelf_set_rawdata_wrlock function in elf_getdata.c. By persuading a victim to open a specially crafted ELF file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/124088](<https://exchange.xforce.ibmcloud.com/vulnerabilities/124088>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2016-10254](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10254>) \n** DESCRIPTION: **Elfutils is vulnerable to a denial of service, caused by memory allocation failure in allocate_elf function in common.h. By persuading a victim to open a crafted ELF file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/124086](<https://exchange.xforce.ibmcloud.com/vulnerabilities/124086>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2017-14062](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14062>) \n** DESCRIPTION: **Libidn2 is vulnerable to a denial of service, caused by an integer overflow in the decode_digit function in puny_decode.c. By persuading a victim to open a specially crafted file, a remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/131302](<https://exchange.xforce.ibmcloud.com/vulnerabilities/131302>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2017-7246](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7246>) \n** DESCRIPTION: **PCRE is vulnerable to a denial of service, caused by a stack-based buffer overflow flaw in the pcre32_copy_substring function in pcre_get.c in libpcre1. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash or other unspecified impact. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/123733](<https://exchange.xforce.ibmcloud.com/vulnerabilities/123733>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2017-7245](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7245>) \n** DESCRIPTION: **PCRE is vulnerable to a denial of service, caused by a stack-based buffer overflow flaw in the pcre32_copy_substring function in pcre_get.c in libpcre1. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash or other unspecified impact. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/123732](<https://exchange.xforce.ibmcloud.com/vulnerabilities/123732>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2016-4984](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4984>) \n** DESCRIPTION: **openldap-servers could allow a local authenticated attacker to obtain sensitive information, caused by a weak permission for /usr/libexec/openldap/generate-server-cert.sh issue. By leveraging a race condition between the creation of the certificate, a local attacker could exploit this vulnerability to obtain the TLS certificate. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/129440](<https://exchange.xforce.ibmcloud.com/vulnerabilities/129440>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2016-9318](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9318>) \n** DESCRIPTION: **Libxml2 could allow a remote attacker to obtain sensitive information, caused by failure to offer a flag directly indicating the status of current document. By using a specially-crafted document to conduct a XML external entity (XXE) attack, an attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/119018](<https://exchange.xforce.ibmcloud.com/vulnerabilities/119018>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2016-4493](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4493>) \n** DESCRIPTION: **GNU Compiler Collection (GCC) is vulnerable to a denial of service, caused by a read access violation in demangle_template_value_parm and do_hpacc_template_literal functions in cplus-dem.c in libiberty. An attacker could exploit this vulnerability using a specially crafted binary to cause the application to crash. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/116387](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116387>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2017-13685](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13685>) \n** DESCRIPTION: **SQLite is vulnerable to a denial of service, caused by a NULL pointer dereference in the dump_callback function. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/131204](<https://exchange.xforce.ibmcloud.com/vulnerabilities/131204>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2018-20483](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20483>) \n** DESCRIPTION: **GNU Wget could allow a local authenticated attacker to obtain sensitive information, caused by the storing of the origin URL in the user.xdg.origin.url metadata in the set_file_metadata function in xattr.c. By reading the metadata attribute, an attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/154793](<https://exchange.xforce.ibmcloud.com/vulnerabilities/154793>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2021-30720](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30720>) \n** DESCRIPTION: **Apple iOS and iPadOS could allow a remote attacker to bypass security restrictions, caused by a logic issue in the WebKit component. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to access restricted ports on arbitrary servers. \nCVSS Base score: 5.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/202349](<https://exchange.xforce.ibmcloud.com/vulnerabilities/202349>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-8908](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8908>) \n** DESCRIPTION: **Guava could allow a remote authenticated attacker to bypass security restrictions, caused by a temp directory creation vulnerability in com.google.common.io.Files.createTempDir(). By sending a specially-crafted request, an attacker could exploit this vulnerability to bypass access restrictions. \nCVSS Base score: 5.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/192996](<https://exchange.xforce.ibmcloud.com/vulnerabilities/192996>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2016-10707](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10707>) \n** DESCRIPTION: **jQuery is vulnerable to a denial of service, caused by removing a logic that lowercased attribute names. By using a mixed-cased name for boolean attributes, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/138030](<https://exchange.xforce.ibmcloud.com/vulnerabilities/138030>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2018-18074](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18074>) \n** DESCRIPTION: **The Requests package for Python could allow a remote attacker to obtain sensitive information, caused by sending information in an insecure manner. By sniffing the network, a remote attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/151296](<https://exchange.xforce.ibmcloud.com/vulnerabilities/151296>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2018-3721](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3721>) \n** DESCRIPTION: **Node.js lodash module could allow a remote attacker to bypass security restrictions, caused by a flaw in the defaultsDeep, 'merge, and mergeWith functions. By modifing the prototype of Object, an attacker could exploit this vulnerability to add or modify existing property that will exist on all objects. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/144603](<https://exchange.xforce.ibmcloud.com/vulnerabilities/144603>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2019-18874](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18874>) \n** DESCRIPTION: **psutil is vulnerable to a denial of service, caused by a double free. By using specially-crafted data, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/171612](<https://exchange.xforce.ibmcloud.com/vulnerabilities/171612>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2020-14145](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14145>) \n** DESCRIPTION: **OpenSSH is vulnerable to a man-in-the-middle attack, caused by an observable discrepancy flaw. An attacker could exploit this vulnerability to launch a man-in-the-middle attack and gain access to the communication channel between endpoints to obtain sensitive information or further compromise the system. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/184514](<https://exchange.xforce.ibmcloud.com/vulnerabilities/184514>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2020-24025](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24025>) \n** DESCRIPTION: **node-sass could allow a remote attacker to bypass security restrictions, caused by the disablement of certificate validation when requesting binaries even if the user is not specifying an alternative download path. By sending a specially-crafted request, an attacker could exploit this vulnerability to bypass access restrictions. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/195029](<https://exchange.xforce.ibmcloud.com/vulnerabilities/195029>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2020-24370](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24370>) \n** DESCRIPTION: **Lua is vulnerable to a denial of service, caused by a negation overflow and segmentation fault in getlocal and setlocal. A remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/186868](<https://exchange.xforce.ibmcloud.com/vulnerabilities/186868>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2020-28168](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28168>) \n** DESCRIPTION: **Node.js axios module is vulnerable to server-side request forgery, caused by improper input validation. By providing a URL that responds with a redirect to a restricted host or IP address, an attacker could exploit this vulnerability to conduct SSRF attack to bypass a proxy. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/191660](<https://exchange.xforce.ibmcloud.com/vulnerabilities/191660>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2021-30641](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30641>) \n** DESCRIPTION: **Apache HTTP Server could provide weaker than expected security, caused by unexpected URL matching behavior with 'MergeSlashes OFF. An attacker could exploit this vulnerability to match URLs from all sites in the same domain and launch further attacks on the system. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/203459](<https://exchange.xforce.ibmcloud.com/vulnerabilities/203459>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2021-31535](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31535>) \n** DESCRIPTION: **X.Org libX11 is vulnerable to a denial of service, caused by improper input validation by the length of the string parameters. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause emission of extra X protocol requests to the X server, and results in a denial of service condition. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/202043](<https://exchange.xforce.ibmcloud.com/vulnerabilities/202043>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-33503](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33503>) \n** DESCRIPTION: **urllib3 is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw due to catastrophic backtracking. By sending a specially-crafted URL request, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/203109](<https://exchange.xforce.ibmcloud.com/vulnerabilities/203109>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-33928](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33928>) \n** DESCRIPTION: **Libsolv is vulnerable to a denial of service, caused by a heap-based buffer overflow in the pool_installable in src/repo.h function. A remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/208702](<https://exchange.xforce.ibmcloud.com/vulnerabilities/208702>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-33929](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33929>) \n** DESCRIPTION: **Libsolv is vulnerable to a denial of service, caused by a heap-based buffer overflow in the pool_disabled_solvable in src/repo.h. A remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/208665](<https://exchange.xforce.ibmcloud.com/vulnerabilities/208665>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-33930](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33930>) \n** DESCRIPTION: **Libsolv is vulnerable to a denial of service, caused by a heap-based buffer overflow in the pool_installable_whatprovides in src/repo.h function. A remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/208664](<https://exchange.xforce.ibmcloud.com/vulnerabilities/208664>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-33938](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33938>) \n** DESCRIPTION: **Libsolv is vulnerable to a denial of service, caused by a heap-based buffer overflow in the prune_to_recommended in src/policy.c function. An attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/208663](<https://exchange.xforce.ibmcloud.com/vulnerabilities/208663>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-35556](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35556>) \n** DESCRIPTION: **An unspecified vulnerability in Java SE related to the Swing component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211632](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211632>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-35559](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35559>) \n** DESCRIPTION: **An unspecified vulnerability in Java SE related to the Swing component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211635](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211635>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-35561](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35561>) \n** DESCRIPTION: **An unspecified vulnerability in Java SE related to the Utility component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211637](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211637>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-35564](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35564>) \n** DESCRIPTION: **An unspecified vulnerability in Java SE related to the Keytool component could allow an unauthenticated attacker to cause no confidentiality impact, low integrity impact, and no availability impact. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211640](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211640>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2021-35565](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35565>) \n** DESCRIPTION: **An unspecified vulnerability in Java SE related to the JSSE component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211641](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211641>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-35578](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35578>) \n** DESCRIPTION: **An unspecified vulnerability in Java SE related to the JSSE component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211654](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211654>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-35586](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35586>) \n** DESCRIPTION: **An unspecified vulnerability in Java SE related to the ImageIO component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211661](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211661>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2020-29362](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29362>) \n** DESCRIPTION: **p11-glue p11-kit could allow a remote attacker to obtain sensitive information, caused by a heap-based buffer over-read flaw in the RPC protocol. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain up to 4 bytes of memory past the heap allocation, and use this information to launch further attacks against the affected system. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/193533](<https://exchange.xforce.ibmcloud.com/vulnerabilities/193533>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2017-6891](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6891>) \n** DESCRIPTION: **GnuTLS libtasn1 is vulnerable to a stack-based buffer overflow, caused by 2 errors in the asn1_find_node function in lib/parser_aux.c. By persuading a victim to open a specially-crafted assignments file, a remote attacker could overflow a buffer and execute arbitrary code on the system. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/127214](<https://exchange.xforce.ibmcloud.com/vulnerabilities/127214>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2016-4008](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4008>) \n** DESCRIPTION: **GNU Libtasn1 is vulnerable to a denial of service, caused by improper handling of the ASN1_DECODE_FLAG_STRICT_DER flag in _asn1_extract_der_octet function in lib/decoding.c. By using a malformed certificate, a remote attacker could exploit this vulnerability to cause the application to stop responding. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/113127](<https://exchange.xforce.ibmcloud.com/vulnerabilities/113127>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2017-8817](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8817>) \n** DESCRIPTION: **cURL libcurl could allow a remote attacker to bypass security restrictions, caused by an out-of-bounds read flaw in the FTP wildcard matching function (CURLOPT_WILDCARDMATCH). By using a string that ends with an '[' character, an attacker could exploit this vulnerability to redirect the victim to an arbitrary site. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/135658](<https://exchange.xforce.ibmcloud.com/vulnerabilities/135658>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2016-8625](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8625>) \n** DESCRIPTION: **cURL/libcurl could provide weaker than expected security, caused by the translation of International Domain Names (IDNA) to puny code for DNS resolving using the IDNA 2003 standard. An attacker could exploit this vulnerability to issue network transfer requests to the wrong host. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/118644](<https://exchange.xforce.ibmcloud.com/vulnerabilities/118644>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2016-8624](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8624>) \n** DESCRIPTION: **cURL/libcurl could allow a remote attacker to bypass security restrictions, caused by the failure to parse the authority component of the URL when handling '#' character. By using a specially-crafted URL with '#' character, an attacker could exploit this vulnerability to bypass access restrictions. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/118642](<https://exchange.xforce.ibmcloud.com/vulnerabilities/118642>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2016-8621](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8621>) \n** DESCRIPTION: **cURL/libcurl could allow a remote attacker to obtain sensitive information, caused by an out of bounds read error within the curl_getdate function. By using specially-crafted date strings, a remote attacker could exploit this vulnerability to execute arbitrary code in the context of the process and obtain sensitive information. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/118639](<https://exchange.xforce.ibmcloud.com/vulnerabilities/118639>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2016-8616](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8616>) \n** DESCRIPTION: **cURL/libcurl could allow a remote attacker to bypass security restrictions, caused by the use of case insensitive comparisons. By using valid credentials exists for a protocol which supports connection-scoped credentials, an attacker could exploit this vulnerability to cause a connection to be reused. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/118633](<https://exchange.xforce.ibmcloud.com/vulnerabilities/118633>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2016-8615](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8615>) \n** DESCRIPTION: **cURL/libcurl is vulnerable to cookie injection, caused by an error related to fgets() function. By using a malicious server that sends a very long cookie name and value, a remote attacker could exploit this vulnerability to inject a malicious cookie for arbitrary domains. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/118632](<https://exchange.xforce.ibmcloud.com/vulnerabilities/118632>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2021-22924](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22924>) \n** DESCRIPTION: **An unspecified error with bad connection reused due to improper path name validation in cURL libcurl has an unknown impact and attack vector. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/206047](<https://exchange.xforce.ibmcloud.com/vulnerabilities/206047>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2016-0755](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0755>) \n** DESCRIPTION: **Libcurl could allow a remote attacker to bypass security restrictions, caused by the failure to check NTLM-authenticated proxy connections for reuse. An attacker could exploit this vulnerability to use a proxy connection for a different authenticated client username. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/110290](<https://exchange.xforce.ibmcloud.com/vulnerabilities/110290>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2019-13050](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13050>) \n** DESCRIPTION: **GNU Privacy Guard (GnuPG) is vulnerable to a denial of service, caused by a certificate spamming attack when referring to a host on the SKS keyserver network in the keyserver configuration. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/166417](<https://exchange.xforce.ibmcloud.com/vulnerabilities/166417>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2015-5276](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5276>) \n** DESCRIPTION: **GNU Compiler Collection (GCC) could provide weaker than expected security, caused by the failure to properly handle short reads from blocking sources by the std::random_device class in libstdc++. A remote attacker could exploit thsi vulnerability to predict random values. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/108548](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108548>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2019-19645](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19645>) \n** DESCRIPTION: **SQLite is vulnerable to a denial of service, caused by an infinite recursion flaw in alter.c. By sending a specially-crafted request using certain types of self-referential views in conjunction with ALTER TABLE statements, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/172774](<https://exchange.xforce.ibmcloud.com/vulnerabilities/172774>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2019-19880](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19880>) \n** DESCRIPTION: **SQLite is vulnerable to a denial of service, caused by an invalid pointer dereference in exprListAppendList in window.c. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/173387](<https://exchange.xforce.ibmcloud.com/vulnerabilities/173387>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2019-19924](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19924>) \n** DESCRIPTION: **SQLite is vulnerable to a denial of service, caused by the mishandling of certain parser-tree rewriting in the sqlite3WindowRewrite function in expr.c, vdbeaux.c, and window.c. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/173495](<https://exchange.xforce.ibmcloud.com/vulnerabilities/173495>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2019-8457](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8457>) \n** DESCRIPTION: **SQLite is vulnerable to a denial of service, caused by a heap out-of-bound read in the rtreenode() function when handling invalid rtree tables. A remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/161901](<https://exchange.xforce.ibmcloud.com/vulnerabilities/161901>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2020-13631](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13631>) \n** DESCRIPTION: **SQLite could allow a remote attacker to bypass security restrictions, caused by a flaw in the alter.c and build.c. By sending a specially crafted request, an attacker could exploit this vulnerability to rename the virtual table to the name of one of its shadow tables. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/182611](<https://exchange.xforce.ibmcloud.com/vulnerabilities/182611>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2017-9233](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9233>) \n** DESCRIPTION: **libexpat is vulnerable to a denial of service, caused by a XML External Entity vulnerability in the parser. By using a specially-crafted XML file, a remote attacker could exploit this vulnerability to cause an infinite loop. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/129459](<https://exchange.xforce.ibmcloud.com/vulnerabilities/129459>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2016-5300](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5300>) \n** DESCRIPTION: **Expat XML parser is vulnerable to a denial of service, caused by the failure to use sufficient entropy for hash initialization. By using specially-crafted identifiers in an XML document, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/114435](<https://exchange.xforce.ibmcloud.com/vulnerabilities/114435>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2016-4472](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4472>) \n** DESCRIPTION: **Expat XML parser is vulnerable to a denial of service, caused by the removal by compilers with certain optimization settings. By using a specially-crafted XML data, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/114683](<https://exchange.xforce.ibmcloud.com/vulnerabilities/114683>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2015-2695](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2695>) \n** DESCRIPTION: **MIT Kerberos is vulnerable to a denial of service, caused by a pointer type error in the GSS-API library. By sending a specially crafted gss_inquire_context() call on a partially-established SPNEGO context, a remote attacker could exploit this vulnerability to cause the process to crash. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/107874](<https://exchange.xforce.ibmcloud.com/vulnerabilities/107874>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2015-2696](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2696>) \n** DESCRIPTION: **MIT Kerberos is vulnerable to a denial of service, caused by a pointer type error in the GSS-API library. By sending a specially crafted gss_inquire_context() call on a partially-established IAKERB context, a remote attacker could exploit this vulnerability to cause the process to crash. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/107875](<https://exchange.xforce.ibmcloud.com/vulnerabilities/107875>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2019-19906](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19906>) \n** DESCRIPTION: **cyrus-sasl is vulnerable to a denial of service, caused by an off-by-one error in _sasl_add_string in common.c. By sending a malformed LDAP packet, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/173382](<https://exchange.xforce.ibmcloud.com/vulnerabilities/173382>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2016-1234](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1234>) \n** DESCRIPTION: **glibc is vulnerable to a denial of service, caused by a stack-based buffer overflow within the glob implementation when GLOB_ALTDIRFUNC is used. A remote attacker could exploit this vulnerability using an overly long name to overflow a buffer and cause the application to crash. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/111311](<https://exchange.xforce.ibmcloud.com/vulnerabilities/111311>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2020-13956](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13956>) \n** DESCRIPTION: **Apache HttpClient could allow a remote attacker to bypass security restrictions, caused by the improper handling of malformed authority component in request URIs. By passing request URIs to the library as java.net.URI object, an attacker could exploit this vulnerability to pick the wrong target host for request execution. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/189572](<https://exchange.xforce.ibmcloud.com/vulnerabilities/189572>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2020-26154](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26154>) \n** DESCRIPTION: **libproxy is vulnerable to a buffer overflow, caused by improper bounds checking. By persuading a victim to open a specially crafted PAC file, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/189418](<https://exchange.xforce.ibmcloud.com/vulnerabilities/189418>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2020-13645](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13645>) \n** DESCRIPTION: **GNOME glib-networking is vulnerable to a man-in-the-middle attack, caused by missing hostname verification in the server TLS certificate in the implementation of GTlsClientConnection. An attacker could exploit this vulnerability to launch a man-in-the-middle attack and gain access to the communication channel between endpoints to obtain sensitive information or further compromise the system. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/182648](<https://exchange.xforce.ibmcloud.com/vulnerabilities/182648>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2018-16435](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16435>) \n** DESCRIPTION: **Little CMS is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the AllocateDataSet function in cmscgats.c. By persuading a victim to open a specially-crafted file, a remote attacker could overflow a buffer and execute arbitrary code on the system. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/149326](<https://exchange.xforce.ibmcloud.com/vulnerabilities/149326>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2008-3105](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3105>) \n** DESCRIPTION: **Sun Java Runtime Environment (JRE) is vulnerable to a denial of service, caused by an error in XML data processing. An attacker could exploit this vulnerability using the JAX-WS client or a service in a trusted application to cause a denial of service. \nCVSS Base score: 5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/43657](<https://exchange.xforce.ibmcloud.com/vulnerabilities/43657>) for the current score. \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P) \n \n** CVEID: **[CVE-2021-22931](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22931>) \n** DESCRIPTION: **Node.js could provide weaker than expected security, caused by missing input validation on hostnames returned by DNS servers. An attacker could exploit this vulnerability to cause output of wrong hostnames leading to Domain Hijacking and and injection vulnerabilities in applications using the library. \nCVSS Base score: 5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/207230](<https://exchange.xforce.ibmcloud.com/vulnerabilities/207230>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2021-3672](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3672>) \n** DESCRIPTION: **The c-ares library could provide weaker than expected security, caused by missing input validation on hostnames returned by DNS servers. An attacker could exploit this vulnerability to cause the output of wrong hostnames leading to Domain Hijacking and and injection vulnerabilities in applications using the library. \nCVSS Base score: 5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/207212](<https://exchange.xforce.ibmcloud.com/vulnerabilities/207212>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2015-3153](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3153>) \n** DESCRIPTION: **cURL/libcURL could allow a remote attacker to obtain sensitive information, caused by custom HTTP headers with sensitive content being sent to the server and intermediate proxy by the CURLOPT_HTTPHEADER option. An attacker could exploit this vulnerability to obtain authentication cookies or other sensitive information. \nCVSS Base score: 5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/102989](<https://exchange.xforce.ibmcloud.com/vulnerabilities/102989>) for the current score. \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N) \n \n** CVEID: **[CVE-2016-8617](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8617>) \n** DESCRIPTION: **cURL/libcurl could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an out of bounds write in the base64 encode function. By using a specially crafted username, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/118636](<https://exchange.xforce.ibmcloud.com/vulnerabilities/118636>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2019-3859](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3859>) \n** DESCRIPTION: **libssh2 is vulnerable to a denial of service, caused by an out-of-bounds read in the _libssh2_packet_require and _libssh2_packet_requirev functions. By sending a specially crafted packet, a remote attacker could exploit this vulnerability to cause a denial of service or read data in the client memory. \nCVSS Base score: 5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/158343](<https://exchange.xforce.ibmcloud.com/vulnerabilities/158343>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2019-3860](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3860>) \n** DESCRIPTION: **libssh2 is vulnerable to a denial of service, caused by an out-of-bounds read when parsing packets with empty payloads. By sending a specially crafted SFTP packet, a remote attacker could exploit this vulnerability to cause a denial of service or read data in the client memory. \nCVSS Base score: 5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/158344](<https://exchange.xforce.ibmcloud.com/vulnerabilities/158344>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2020-13558](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13558>) \n** DESCRIPTION: **WebKitGTK and WPE WebKit could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free flaw in the AudioSourceProviderGStreamer class. By persuading a victim to open specially-crafted web content, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/196795](<https://exchange.xforce.ibmcloud.com/vulnerabilities/196795>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-1788](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1788>) \n** DESCRIPTION: **Apple macOS could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free in the WebKit component. By persuading a victim to visit a specially-crafted Web site, an attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/195895](<https://exchange.xforce.ibmcloud.com/vulnerabilities/195895>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-1789](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1789>) \n** DESCRIPTION: **Apple macOS could allow a remote attacker to execute arbitrary code on the system, caused by a type confusion in the WebKit component. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/195893](<https://exchange.xforce.ibmcloud.com/vulnerabilities/195893>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-1844](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1844>) \n** DESCRIPTION: **Apple Safari, macOS Big Sur, iOS, iPadOS and watchOS could allow a remote attacker to execute arbitrary code on the system, caused by a memory corruption flaw in the WebKit component. By persuading a victim to open a specially-crafted web content, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/197853](<https://exchange.xforce.ibmcloud.com/vulnerabilities/197853>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-1870](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1870>) \n** DESCRIPTION: **Apple iOS and iPadOS could allow a remote attacker to execute arbitrary code on the system, caused by a logic issue in the WebKit component. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/195638](<https://exchange.xforce.ibmcloud.com/vulnerabilities/195638>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-1871](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1871>) \n** DESCRIPTION: **Apple iOS and iPadOS could allow a remote attacker to execute arbitrary code on the system, caused by a logic issue in the WebKit component. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/195639](<https://exchange.xforce.ibmcloud.com/vulnerabilities/195639>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-21779](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21779>) \n** DESCRIPTION: **Apple iOS and iPadOS could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free flaw in the WebKit componenet. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/202343](<https://exchange.xforce.ibmcloud.com/vulnerabilities/202343>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-21806](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21806>) \n** DESCRIPTION: **WebKit WebKitGTK could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free flaw in fireEventListeners. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to execute arbitrary code in the context of the current process. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/205101](<https://exchange.xforce.ibmcloud.com/vulnerabilities/205101>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-30663](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30663>) \n** DESCRIPTION: **Apple iOS, iPadOS and macOS Big Sur could allow a remote attacker to execute arbitrary code on the system, caused by an integer overflow in the WebKit component. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/201120](<https://exchange.xforce.ibmcloud.com/vulnerabilities/201120>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-30665](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30665>) \n** DESCRIPTION: **Apple iOS, iPadOS, watchOS and macOS Big Sur could allow a remote attacker to execute arbitrary code on the system, caused by a memory corruption issue in the WebKit component. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/201119](<https://exchange.xforce.ibmcloud.com/vulnerabilities/201119>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-30734](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30734>) \n** DESCRIPTION: **Apple iOS and iPadOS could allow a remote attacker to execute arbitrary code on the system, caused by multiple memory corruption issues in the WebKit component. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/202348](<https://exchange.xforce.ibmcloud.com/vulnerabilities/202348>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-30749](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30749>) \n** DESCRIPTION: **Apple iOS and iPadOS could allow a remote attacker to execute arbitrary code on the system, caused by multiple memory corruption issues in the WebKit component. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/202347](<https://exchange.xforce.ibmcloud.com/vulnerabilities/202347>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-30758](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30758>) \n** DESCRIPTION: **Apple Safari could allow a remote attacker to execute arbitrary code on the system, caused by a type confusion in the WebKit component. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/206132](<https://exchange.xforce.ibmcloud.com/vulnerabilities/206132>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-30795](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30795>) \n** DESCRIPTION: **Apple Safari could allow a remote attacker to execute arbitrary code on the system, caused by an error in the WebKit component. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/206134](<https://exchange.xforce.ibmcloud.com/vulnerabilities/206134>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-30797](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30797>) \n** DESCRIPTION: **Apple Safari could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free in the WebKit component. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/206133](<https://exchange.xforce.ibmcloud.com/vulnerabilities/206133>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-30799](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30799>) \n** DESCRIPTION: **Apple macOS Catalina could allow a remote attacker to execute arbitrary code on the system, caused by a memory corruption in the WebKit component. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/206131](<https://exchange.xforce.ibmcloud.com/vulnerabilities/206131>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2019-13565](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13565>) \n** DESCRIPTION: **OpenLDAP could allow a remote authenticated attacker to gain elevated privileges on the system, caused by an error when using SASL authentication and session encryption. An attacker could exploit this vulnerability to gain privileges on the system. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/165451](<https://exchange.xforce.ibmcloud.com/vulnerabilities/165451>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2019-18276](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276>) \n** DESCRIPTION: **GNU Bash could allow a remote authenticated attacker to gain elevated privileges on the system, caused by a flaw in the disable_priv_mode in shell.c. By sending a specially-crafted command, an attacker could exploit this vulnerability to escalate privileges. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/172331](<https://exchange.xforce.ibmcloud.com/vulnerabilities/172331>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2019-9924](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9924>) \n** DESCRIPTION: **Bash could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by the failure to prevent the shell user from modifying BASH_CMDS in the rbash. By modifying BASH_CMDS, an attacker could exploit this vulnerability to execute arbitrary commands on the system with the permissions of the shell. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/158906](<https://exchange.xforce.ibmcloud.com/vulnerabilities/158906>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-3520](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3520>) \n** DESCRIPTION: **lz4 could allow a remote attacker to execute arbitrary code on the system, caused by an integer overflow. By sending a specially crafted file, an attacker could invoke memmove() on a negative size argument leading to memory corruption and trigger an out-of-bounds write or cause the library to crash. \nCVSS Base score: 8.6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/202592](<https://exchange.xforce.ibmcloud.com/vulnerabilities/202592>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H) \n \n** CVEID: **[CVE-2021-3518](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3518>) \n** DESCRIPTION: **GNOME libxml2 could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free flaw in the xmlXIncludeDoProcess() function in xinclude.c. By sending a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/203144](<https://exchange.xforce.ibmcloud.com/vulnerabilities/203144>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H) \n \n** CVEID: **[CVE-2021-3517](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3517>) \n** DESCRIPTION: **GNOME libxml2 is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by xmlEncodeEntitiesInternal() in entities.c. By sending a specially crafted file, a remote attacker could trigger an out-of-bounds read and execute arbitrary code on the system or cause a denial of service. \nCVSS Base score: 8.6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/202526](<https://exchange.xforce.ibmcloud.com/vulnerabilities/202526>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H) \n \n** CVEID: **[CVE-2021-3796](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3796>) \n** DESCRIPTION: **Vim is vulnerable to a denial of service, caused by a use-after-free in nv_replace. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 8.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/209462](<https://exchange.xforce.ibmcloud.com/vulnerabilities/209462>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:L) \n \n** CVEID: **[CVE-2019-13115](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13115>) \n** DESCRIPTION: **libssh2 could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds write in the kex_method_diffie_hellman_group_exchange_sha256_key_exchange in kex.c. An attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/163766](<https://exchange.xforce.ibmcloud.com/vulnerabilities/163766>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-12762](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12762>) \n** DESCRIPTION: **json-c could allow a remote attacker to execute arbitrary code on the system, caused by an integer overflow and out-of-bounds write. By persuading a victim to run a specially crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 7.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/182094](<https://exchange.xforce.ibmcloud.com/vulnerabilities/182094>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-27828](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27828>) \n** DESCRIPTION: **Jasper is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the cp_create() in jpc_enc.c. By persuading a victim to open a specially-crafted file, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base score: 7.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/193630](<https://exchange.xforce.ibmcloud.com/vulnerabilities/193630>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-27918](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27918>) \n** DESCRIPTION: **Apple iOS and iPadOS could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free error in the WebKit component. By persuading a victim to open a specially crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the device. \nCVSS Base score: 7.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/191303](<https://exchange.xforce.ibmcloud.com/vulnerabilities/191303>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-35492](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35492>) \n** DESCRIPTION: **cairo is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by image-compositor.c. By persuading a victim to open a specially-crafted file, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base score: 7.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/198420](<https://exchange.xforce.ibmcloud.com/vulnerabilities/198420>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-3778](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3778>) \n** DESCRIPTION: **Vim is vulnerable to a heap-based buffer overflow, caused by improper bounds checking. By sending a specially-crafted input, a local attacker could overflow a buffer and execute arbitrary code on the system. \nCVSS Base score: 7.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/209481](<https://exchange.xforce.ibmcloud.com/vulnerabilities/209481>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2017-10140](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10140>) \n** DESCRIPTION: **Postfix could allow a local authenticated attacker to gain elevated privileges on the system, caused by a flaw in in undocumented function in Berkeley DB. By reading settings from DB_CONFIG in the current directory, an authenticated attacker could exploit this vulnerability to gain elevated privileges. \nCVSS Base score: 7.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/142457](<https://exchange.xforce.ibmcloud.com/vulnerabilities/142457>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-3516](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3516>) \n** DESCRIPTION: **libxml2 could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free in xmlEncodeEntitiesInternal() in entities.c. By persuading a victim to open a specially crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 7.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/202838](<https://exchange.xforce.ibmcloud.com/vulnerabilities/202838>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-24977](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24977>) \n** DESCRIPTION: **GNOME libxml2 is vulnerable to a buffer overflow, caused by improper bounds checking by the xmlEncodeEntitiesInternal function in libxml2/entities.c. By persuading a victim to open a specially-crafted file, a remote attacker could overflow a buffer and execute arbitrary code on the system. \nCVSS Base score: 7.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/187847](<https://exchange.xforce.ibmcloud.com/vulnerabilities/187847>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-38185](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38185>) \n** DESCRIPTION: **GNU cpio could allow a remote attacker to execute arbitrary code on the system, caused by an integer overflow that triggers an out-of-bounds heap write in the ds_fgetstr function in dstring.c. By persuading a victim to open a specially-crafted crafted pattern file, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 7.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/207047](<https://exchange.xforce.ibmcloud.com/vulnerabilities/207047>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-22922](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22922>) \n** DESCRIPTION: **cURL libcurl could allow a remote attacker to bypass security restrictions, caused by not removing incorrect content by the metalink feature. By persuading a victim to download specially-crafted content, an attacker could exploit this vulnerability to access malicious content to keep in the file on disk for further attack. \nCVSS Base score: 7.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/206045](<https://exchange.xforce.ibmcloud.com/vulnerabilities/206045>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-35942](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35942>) \n** DESCRIPTION: **GNU C Library (aka glibc) could allow a local attacker to obtain sensitive information, caused by a flaw when called with an untrusted, crafted pattern in thewordexp function. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain read arbitrary memory in parse_param (in posix/wordexp.c), or cause the application to crash. \nCVSS Base score: 7.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/206317](<https://exchange.xforce.ibmcloud.com/vulnerabilities/206317>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H) \n \n** CVEID: **[CVE-2021-21775](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21775>) \n** DESCRIPTION: **WebKit WebKitGTK could allow a remote attacker to obtain sensitive information, caused by a use-after-free flaw when certain events are processed for ImageLoader objects. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to obtain sensitive information and cause further memory corruptions. \nCVSS Base score: 7.6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/205100](<https://exchange.xforce.ibmcloud.com/vulnerabilities/205100>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:L) \n \n** CVEID: **[CVE-2014-0452](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0452>) \n** DESCRIPTION: **An unspecified vulnerability in Oracle Java SE related to the JAX-WS component has partial confidentiality impact, partial integrity impact, and partial availability impact. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/92474](<https://exchange.xforce.ibmcloud.com/vulnerabilities/92474>) for the current score. \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:P) \n \n** CVEID: **[CVE-2018-12700](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12700>) \n** DESCRIPTION: **GNU Binutils is vulnerable to a denial of service, caused by a stack exhaustion in debug_write_type in debug.c. A remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/145316](<https://exchange.xforce.ibmcloud.com/vulnerabilities/145316>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2019-13117](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13117>) \n** DESCRIPTION: **libxslt could allow a remote attacker to obtain sensitive information, caused by an error in numbers.c that leads to an uninitialized read in xsltNumberFormatInsertNumbers. An attacker could exploit this vulnerability to discern whether a byte on the stack contains the characters A, a, I, I, or 0, or any other character. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/166134](<https://exchange.xforce.ibmcloud.com/vulnerabilities/166134>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2019-20838](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20838>) \n** DESCRIPTION: **PCRE is vulnerable to a denial of service, caused by a buffer over-read in JIT. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/185645](<https://exchange.xforce.ibmcloud.com/vulnerabilities/185645>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-13435](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13435>) \n** DESCRIPTION: **SQLite is vulnerable to a denial of service, caused by flaw in the sqlite3ExprCodeTarget function in expr.c. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a segmentation fault. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/182406](<https://exchange.xforce.ibmcloud.com/vulnerabilities/182406>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-16135](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16135>) \n** DESCRIPTION: **Libssh is vulnerable to a denial of service, caused by a NULL pointer dereference in tftpserver.c if ssh_buffer_new returns NULL. A remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/186148](<https://exchange.xforce.ibmcloud.com/vulnerabilities/186148>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-36241](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36241>) \n** DESCRIPTION: **GNOME gnome-autoar could allow a remote attacker to traverse directories on the system, caused by the lack of checks of file in autoar-extractor.c. An attacker could send a specially-crafted file to overwrite arbitrary files on the system. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/196330](<https://exchange.xforce.ibmcloud.com/vulnerabilities/196330>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N) \n \n** CVEID: **[CVE-2020-36332](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36332>) \n** DESCRIPTION: **Libwebp is vulnerable to a denial of service, caused by allocating an excessive amount of memory. By reading a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/202249](<https://exchange.xforce.ibmcloud.com/vulnerabilities/202249>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-20270](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20270>) \n** DESCRIPTION: **Pygments is vulnerable to a denial of service, caused by an infinite loop in SMLLexer. By performing syntax highlighting of an SML source file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/198758](<https://exchange.xforce.ibmcloud.com/vulnerabilities/198758>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-22876](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876>) \n** DESCRIPTION: **cURL libcurl could allow a remote attacker to obtain sensitive information, caused by the failure to strip off user credentials from the URL when automatically populating the Referer: HTTP request header field in outgoing HTTP requests. By sending a specially-crafted HTTP request, an attacker could exploit this vulnerability to obtain user credentials, and use this information to launch further attacks against the affected system. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/199186](<https://exchange.xforce.ibmcloud.com/vulnerabilities/199186>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2021-22898](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898>) \n** DESCRIPTION: **cURL libcurl could allow a remote attacker to obtain sensitive information, caused by a flaw in the option parser for sending NEW_ENV variables. By sending a specially-crafted request using a clear-text network protocol, an attacker could exploit this vulnerability to obtain sensitive internal information to the server, and use this information to launch further attacks against the affected system. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/202562](<https://exchange.xforce.ibmcloud.com/vulnerabilities/202562>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2021-22946](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946>) \n** DESCRIPTION: **cURL libcurl could allow a remote attacker to obtain sensitive information, caused by a required TLS bypassed issue. By sniffing the network, an attacker could exploit this vulnerability to obtain sensitive data in clear text over the network, and use this information to launch further attacks against the affected system. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/209452](<https://exchange.xforce.ibmcloud.com/vulnerabilities/209452>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2021-23840](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23840>) \n** DESCRIPTION: **OpenSSL is vulnerable to a denial of service, caused by an integer overflow in CipherUpdate. By sending an overly long argument, an attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/196848](<https://exchange.xforce.ibmcloud.com/vulnerabilities/196848>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-29059](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29059>) \n** DESCRIPTION: **Node.js IS-SVG module is vulnerable to a denial of service, caused by an error when the application is provided and checks a specially crafted invalid HWB string. By sending a specially crafted string, a remote attacker could exploit this vulnerability to cause a regular expression denial of service. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/204157](<https://exchange.xforce.ibmcloud.com/vulnerabilities/204157>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-33574](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33574>) \n** DESCRIPTION: **GNU C Library (aka glibc) is vulnerable to a denial of service, caused by a use-after-free flaw in the mq_notify function. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/202550](<https://exchange.xforce.ibmcloud.com/vulnerabilities/202550>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-37136](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37136>) \n** DESCRIPTION: **Netty netty-codec is vulnerable to a denial of service, caused by not allow size restrictions for decompressed data in the Bzip2Decoder. By sending a specially-crafted input, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211777](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211777>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-37137](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37137>) \n** DESCRIPTION: **Netty netty-codec is vulnerable to a denial of service, caused by not restrict the chunk length in the SnappyFrameDecoder. By sending a specially-crafted input, a remote attacker could exploit this vulnerability to cause excessive memory usage, and results in a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211779](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211779>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-3765](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3765>) \n** DESCRIPTION: **validator.js is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw when calling the rtrim function. By sending a specially-crafted regex input, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/212669](<https://exchange.xforce.ibmcloud.com/vulnerabilities/212669>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2017-11113](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11113>) \n** DESCRIPTION: **ncurses is vulnerable to a denial of service, caused by a NULL pointer dereference in the _nc_parse_entry function of tinfo/parse_entry.c. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/129022](<https://exchange.xforce.ibmcloud.com/vulnerabilities/129022>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2017-11112](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11112>) \n** DESCRIPTION: **ncurses is vulnerable to a denial of service, caused by an attempted 0xffffffffffffffff access in the append_acs function of tinfo/parse_entry.c issue. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/129021](<https://exchange.xforce.ibmcloud.com/vulnerabilities/129021>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-29361](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29361>) \n** DESCRIPTION: **p11-glue p11-kit are vulnerable to a denial of service, caused by multiple integer overflows when allocating memory for arrays of attributes and object identifiers. By sending a specially-crafted request using realloc or calloc function, an attacker could exploit this vulnerability to cause a denial of service or possibly execute arbitrary code on the system. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/193532](<https://exchange.xforce.ibmcloud.com/vulnerabilities/193532>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2018-6003](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6003>) \n** DESCRIPTION: **GNU Libtasn1 is vulnerable to a denial of service, caused by a stack exhaustion in the _asn1_decode_simple_ber function in decoding.c. A remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/138175](<https://exchange.xforce.ibmcloud.com/vulnerabilities/138175>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2017-10790](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10790>) \n** DESCRIPTION: **GNU Libtasn1 is vulnerable to a denial of service, caused by a NULL pointer dereference in the _asn1_check_identifier function. By reading specially crafted input, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/129312](<https://exchange.xforce.ibmcloud.com/vulnerabilities/129312>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2017-11164](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11164>) \n** DESCRIPTION: **PCRE is vulnerable to a denial of service, caused by an uncontrolled recursion flaw in the OP_KETRMAX feature in the match function in pcre_exec.c. By using a specially-crafted regular expression, a remote attacker could exploit this vulnerability to cause stack exhaustion. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/129046](<https://exchange.xforce.ibmcloud.com/vulnerabilities/129046>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2017-1000254](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000254>) \n** DESCRIPTION: **libcurl is vulnerable to a denial of service, caused by a buffer overread in the string parser. By sending a specially-crafted response to a PWD command, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/133027](<https://exchange.xforce.ibmcloud.com/vulnerabilities/133027>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-8285](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285>) \n** DESCRIPTION: **cURL libcurl is vulnerable to a denial of service, caused by a stack-based buffer overflow in the wildcard matching function. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/192855](<https://exchange.xforce.ibmcloud.com/vulnerabilities/192855>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-27212](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27212>) \n** DESCRIPTION: **OpenLDAP is vulnerable to a denial of service, caused by an assertion failure in slapd within the issuerAndThisUpdateCheck function. By sending a specially-crafted packet, a remote attacker could exploit this vulnerability to cause a daemon exit. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/196992](<https://exchange.xforce.ibmcloud.com/vulnerabilities/196992>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-36221](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36221>) \n** DESCRIPTION: **OpenLDAP is vulnerable to a denial of service, caused by an integer underflow in the Certificate Exact Assertion processing. By sending a specially-crafted packet, a remote attacker could exploit this vulnerability to cause slapd to crash, and results in a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/195550](<https://exchange.xforce.ibmcloud.com/vulnerabilities/195550>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-36222](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36222>) \n** DESCRIPTION: **OpenLDAP is vulnerable to a denial of service, caused by an assertion failure in the saslAuthzTo validation. By sending a specially-crafted packet, a remote attacker could exploit this vulnerability to cause slapd to crash, and results in a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/195551](<https://exchange.xforce.ibmcloud.com/vulnerabilities/195551>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-36223](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36223>) \n** DESCRIPTION: **OpenLDAP is vulnerable to a denial of service, caused by a double free and out-of-bounds read in the Values Return Filter control handling. By sending a specially-crafted packet, a remote attacker could exploit this vulnerability to cause slapd to crash, and results in a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/195552](<https://exchange.xforce.ibmcloud.com/vulnerabilities/195552>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-36224](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36224>) \n** DESCRIPTION: **OpenLDAP is vulnerable to a denial of service, caused by an invalid pointer free in the saslAuthzTo processing. By sending a specially-crafted packet, a remote attacker could exploit this vulnerability to cause slapd to crash, and results in a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/195553](<https://exchange.xforce.ibmcloud.com/vulnerabilities/195553>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-36225](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36225>) \n** DESCRIPTION: **OpenLDAP is vulnerable to a denial of service, caused by a double free in the saslAuthzTo processing. By sending a specially-crafted packet, a remote attacker could exploit this vulnerability to cause slapd to crash, and results in a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/195554](<https://exchange.xforce.ibmcloud.com/vulnerabilities/195554>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-36226](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36226>) \n** DESCRIPTION: **OpenLDAP is vulnerable to a denial of service, caused by a memch->bv_len miscalculation flaw in the saslAuthzTo processing. By sending a specially-crafted packet, a remote attacker could exploit this vulnerability to cause slapd to crash, and results in a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/195555](<https://exchange.xforce.ibmcloud.com/vulnerabilities/195555>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-36227](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36227>) \n** DESCRIPTION: **OpenLDAP is vulnerable to a denial of service, caused by an infinite loop in the cancel_extop Cancel operation. By sending a specially-crafted packet, a remote attacker could exploit this vulnerability to cause slapd to crash, and results in a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/195556](<https://exchange.xforce.ibmcloud.com/vulnerabilities/195556>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-36228](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36228>) \n** DESCRIPTION: **OpenLDAP is vulnerable to a denial of service, caused by an integer underflow in the Certificate List Exact Assertion processing. By sending a specially-crafted packet, a remote attacker could exploit this vulnerability to cause slapd to crash, and results in a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/195557](<https://exchange.xforce.ibmcloud.com/vulnerabilities/195557>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-36229](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36229>) \n** DESCRIPTION: **OpenLDAP is vulnerable to a denial of service, caused by a flaw in the X.509 DN parsing in ad_keystring. By sending a specially-crafted packet, a remote attacker could exploit this vulnerability to cause slapd to crash, and results in a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/195558](<https://exchange.xforce.ibmcloud.com/vulnerabilities/195558>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-36230](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36230>) \n** DESCRIPTION: **OpenLDAP is vulnerable to a denial of service, caused by an assertion failure in the X.509 DN parsing in decode.c ber_next_element. By sending a specially-crafted packet, a remote attacker could exploit this vulnerability to cause slapd to crash, and results in a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/195559](<https://exchange.xforce.ibmcloud.com/vulnerabilities/195559>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-25710](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25710>) \n** DESCRIPTION: **OpenLDAP is vulnerable to a denial of service, caused by an assertion failure in csnNormalize23 function in servers/slapd/schema_init.c. By sending a specially crafted packet, a remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/192487](<https://exchange.xforce.ibmcloud.com/vulnerabilities/192487>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-25709](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25709>) \n** DESCRIPTION: **OpenLDAP is vulnerable to a denial of service, caused by an assertion failure in certificateListValidate function in servers/slapd/schema_init.c. By sending a specially crafted packet, a remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/192486](<https://exchange.xforce.ibmcloud.com/vulnerabilities/192486>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2019-20387](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20387>) \n** DESCRIPTION: **libsolv is vulnerable to a denial of service, caused by a heap-based buffer over-read in the repodata_schema2id function in repodata.c. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/175508](<https://exchange.xforce.ibmcloud.com/vulnerabilities/175508>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2016-9574](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9574>) \n** DESCRIPTION: **Mozilla Network Security Services (NSS), as used in Mozilla Firefox is vulnerable to a denial of service, caused by an error during the session handshake. A remote attacker could exploit this vulnerability using using SessionTicket extension and ECDHE-ECDSA to cause a denail of service. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/148073](<https://exchange.xforce.ibmcloud.com/vulnerabilities/148073>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-3537](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3537>) \n** DESCRIPTION: **GNOME libxml2 is vulnerable to a denial of service, caused by a NULL pointer dereference flaw when parsing XML mixed content in recovery mode and post-validated. A remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/203084](<https://exchange.xforce.ibmcloud.com/vulnerabilities/203084>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2017-16932](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16932>) \n** DESCRIPTION: **Xmlsoft libxml2 is vulnerable to a denial of service, caused by an infinite recursion issue in parameter entities. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to exhaust available memory on the system. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/135489](<https://exchange.xforce.ibmcloud.com/vulnerabilities/135489>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-7595](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7595>) \n** DESCRIPTION: **GNOME libxml2 is vulnerable to a denial of service, caused by an error in xmlStringLenDecodeEntities in parser.c. An attacker could exploit this vulnerability to cause the application to enter into an infinite loop. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/175333](<https://exchange.xforce.ibmcloud.com/vulnerabilities/175333>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-36222](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36222>) \n** DESCRIPTION: **MIT Kerberos (aka krb5) is vulnerable to a denial of service, caused by a NULL pointer dereference flaw in ec_verify in kdc/kdc_preauth_ec.c in the Key Distribution Center (KDC). By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause the daemon to crash. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/206318](<https://exchange.xforce.ibmcloud.com/vulnerabilities/206318>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2017-11462](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11462>) \n** DESCRIPTION: **A double free vulnerability in MIT Kerberos 5 (aka krb5) has an unknown impact and attack vector involving automatic deletion of security contexts on error. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/132060](<https://exchange.xforce.ibmcloud.com/vulnerabilities/132060>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N) \n \n** CVEID: **[CVE-2020-28196](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28196>) \n** DESCRIPTION: **MIT Kerberos 5 (aka krb5) is vulnerable to a denial of service, caused by an unbounded recursion flaw in lib/krb5/asn.1/asn1_encode.c. By sending a specially-crafted ASN.1-encoded Kerberos message, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/191321](<https://exchange.xforce.ibmcloud.com/vulnerabilities/191321>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2017-15671](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15671>) \n** DESCRIPTION: **GNU C Library is vulnerable to a denial of service, caused by a memory leak in the glob function in glob.c. A remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/133909](<https://exchange.xforce.ibmcloud.com/vulnerabilities/133909>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-25219](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25219>) \n** DESCRIPTION: **libproxy is vulnerable to a denial of service, caused by an uncontrolled recursion in url::recvline in url.cpp. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause stack exhaustion. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/188145](<https://exchange.xforce.ibmcloud.com/vulnerabilities/188145>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2018-9234](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-9234>) \n** DESCRIPTION: **GnuPG could allow a remote attacker to bypass security restrictions, caused by the failure to enforce a configuration in which key certification requires an offline master Certify key. By sending a specially-crafted request, an attacker could exploit this vulnerability to sign the keys of others with only a signing subkey. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/141380](<https://exchange.xforce.ibmcloud.com/vulnerabilities/141380>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N) \n \n** CVEID: **[CVE-2021-20231](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20231>) \n** DESCRIPTION: **GnuTLS is vulnerable to a denial of service, caused by a use-after-free issue in client sending key_share extension. By sending a specially-crafted request, an attacker could exploit this vulnerability to cause memory corruption and other consequences. \nCVSS Base score: 7.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/198173](<https://exchange.xforce.ibmcloud.com/vulnerabilities/198173>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H) \n \n** CVEID: **[CVE-2021-20232](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20232>) \n** DESCRIPTION: **GnuTLS is vulnerable to a denial of service, caused by a use-after-free issue in client_send_params in lib/ext/pre_shared_key.c. By sending a specially-crafted request, an attacker could exploit this vulnerability to cause memory corruption and other consequences. \nCVSS Base score: 7.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/198172](<https://exchange.xforce.ibmcloud.com/vulnerabilities/198172>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H) \n \n** CVEID: **[CVE-2021-22947](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947>) \n** DESCRIPTION: **cURL libcurl is vulnerable to a man-in-the-middle attack, caused by a flaw when connecting to an IMAP, POP3, SMTP or FTP server to exchange data securely using STARTTLS to upgrade the connection to TLS level. An attacker could exploit this vulnerability to launch a man-in-the-middle attack and gain access to the communication channel between endpoints to obtain sensitive information or further compromise the system. \nCVSS Base score: 7.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/209453](<https://exchange.xforce.ibmcloud.com/vulnerabilities/209453>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N) \n \n** CVEID: **[CVE-2020-1752](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1752>) \n** DESCRIPTION: **GNU glibc could allow a local attacker to execute arbitrary code on the system, caused by a use-after-free. By creating a specially crafted path, an attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service. \nCVSS Base score: 7.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181313](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181313>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2019-19603](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19603>) \n** DESCRIPTION: **An error during handling of CREATE TABLE and CREATE VIEW statements in SQLite has an unknown impact via a specially crafted table name. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/172765](<https://exchange.xforce.ibmcloud.com/vulnerabilities/172765>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2020-14155](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14155>) \n** DESCRIPTION: **PCRE could allow a remote attacker to execute arbitrary code on the system, caused by an integer overflow in libpcre. By sending a request with a large number, an attacker could exploit this vulnerability to execute arbitrary code on the system or cause the application to crash. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/183499](<https://exchange.xforce.ibmcloud.com/vulnerabilities/183499>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2020-24870](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24870>) \n** DESCRIPTION: **LibRaw is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by ::identify_process_dng_fields. A remote attacker could overflow a buffer and execute arbitrary code on the system. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/203026](<https://exchange.xforce.ibmcloud.com/vulnerabilities/203026>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2017-10685](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10685>) \n** DESCRIPTION: **ncurses (new curses) library could allow a remote authenticated attacker to execute arbitrary code on the system, caused by a format string in the fmt_entry function. By sending specially-crafted format string specifiers in the argument, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/128176](<https://exchange.xforce.ibmcloud.com/vulnerabilities/128176>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2017-10684](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10684>) \n** DESCRIPTION: **ncurses (new curses) library is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the fmt_entry function. By sending an overly long string argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/128175](<https://exchange.xforce.ibmcloud.com/vulnerabilities/128175>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2016-6262](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6262>) \n** DESCRIPTION: **libidn is vulnerable to a stack-based buffer overflow, caused by improper validation of input in idna.c. A remote attacker could overflow a buffer and execute arbitrary code on the system. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/115586](<https://exchange.xforce.ibmcloud.com/vulnerabilities/115586>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2016-6261](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6261>) \n** DESCRIPTION: **libidn is vulnerable to a stack-based buffer overflow, caused by an out-of-bounds read error in idna_to_ascii_4i function in idna.c. A remote attacker could overflow a buffer and execute arbitrary code on the system. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/115585](<https://exchange.xforce.ibmcloud.com/vulnerabilities/115585>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2015-8948](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8948>) \n** DESCRIPTION: **libidn is vulnerable to a stack-based buffer overflow, caused by an out-of-bounds read error. A remote attacker could overflow a buffer and execute arbitrary code on the system. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/115588](<https://exchange.xforce.ibmcloud.com/vulnerabilities/115588>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2016-9586](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9586>) \n** DESCRIPTION: **cURL/libcurl is vulnerable to a buffer overflow, caused by improper boundary checks by the floating point conversion. By sending a specially crafted string, a remote attacker could overflow a buffer and execute arbitrary code on the system. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/119929](<https://exchange.xforce.ibmcloud.com/vulnerabilities/119929>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2016-8619](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8619>) \n** DESCRIPTION: **cURL/libcurl could allow a remote attacker to execute arbitrary code on the system, caused by double-free error in the krb5 code. An attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/118637](<https://exchange.xforce.ibmcloud.com/vulnerabilities/118637>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2016-8618](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8618>) \n** DESCRIPTION: **cURL/libcurl could allow a remote attacker to execute arbitrary code on the system, caused by double-free error in the curl_maprintf() function on systems using 32 bit size_t variables. An attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/118645](<https://exchange.xforce.ibmcloud.com/vulnerabilities/118645>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2016-1951](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1951>) \n** DESCRIPTION: **Mozilla Netscape Portable Runtime (NSPR) is vulnerable to a buffer overflow, caused by multiple integer overflows in io/prprf.c. By sending an overly long string to a PR_*printf function, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/116020](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116020>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2017-7501](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7501>) \n** DESCRIPTION: **rpm could allow a local attacker to launch a symlink attack, caused by the use of a temporary files with predictable names when installing an RPM. A local authenticated attacker could exploit this vulnerability by creating a symbolic link from a temporary file to arbitrary location, which could allow the attacker to modify content, gain elevated privileges on the system or cause a denial of service. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/132734](<https://exchange.xforce.ibmcloud.com/vulnerabilities/132734>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2017-7500](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7500>) \n** DESCRIPTION: **rpm could allow a local attacker to launch a symlink attack, caused by the improper handling of RPM installations when a destination path was a symbolic link to a directory. A local authenticated attacker could exploit this vulnerability by creating a symbolic link from a temporary file to directories, which could allow the attacker to gain root privileges on the system. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/132733](<https://exchange.xforce.ibmcloud.com/vulnerabilities/132733>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2017-16931](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16931>) \n** DESCRIPTION: **Xmlsoft libxml2 is vulnerable to a buffer overflow, caused by improper handling of parameter-entity references in xmlParserHandlePEReference function. By using a percent character in a DTD name, a remote attacker could overflow a buffer and execute arbitrary code on the system. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/135488](<https://exchange.xforce.ibmcloud.com/vulnerabilities/135488>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2016-4492](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4492>) \n** DESCRIPTION: **GNU Compiler Collection (GCC) could allow a remote attacker to execute arbitrary code on the system, caused by a write access violation on destination operand in the libiberty demangler. An attacker could exploit this vulnerability to execute arbitrary code on the system or cause the application to crash. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/116386](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116386>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2016-4491](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4491>) \n** DESCRIPTION: **GNU Compiler Collection (GCC) is vulnerable to a stack-based buffer overflow, caused by an infinite recursion in d_print_comp in the libiberty demangler library. By sending a specially crafted argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/116385](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116385>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2016-4490](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4490>) \n** DESCRIPTION: **GNU Compiler Collection (GCC) could allow a remote attacker to execute arbitrary code on the system, caused by a write access violation in cp-demangle.c. An attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/116384](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116384>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2016-4489](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4489>) \n** DESCRIPTION: **GNU Compiler Collection (GCC) could allow a remote attacker to execute arbitrary code on the system, caused by an integer overflow in the demangling of virtual tables in method gnu_special. An attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/116383](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116383>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2016-4488](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4488>) \n** DESCRIPTION: **GNU Compiler Collection (GCC) could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free to array ktypevec if the libiberty demangler is called with a certain class signature. An attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/116382](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116382>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2016-4487](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4487>) \n** DESCRIPTION: **GNU Compiler Collection (GCC) could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free if the libiberty demangler is called with a certain class signature. An attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/116381](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116381>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2016-2226](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2226>) \n** DESCRIPTION: **GNU Compiler Collection (GCC) is vulnerable to a buffer overflow, caused by an integer overflow in cplus-dem.c when it tries to demangle specially crafted function arguments in the libiberty binary. By sending a specially crafted argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/116380](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116380>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2019-20218](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20218>) \n** DESCRIPTION: **An unspecified error in selectExpander in select.c in SQLite has an unknown impact and attack vector. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/173900](<https://exchange.xforce.ibmcloud.com/vulnerabilities/173900>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2017-10989](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10989>) \n** DESCRIPTION: **SQLite is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by getNodeSize function in ext/rtree/rtree.c. By using a specially-crafted database, a remote attacker could overflow a buffer and cause unspecified impacts on the system. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/128354](<https://exchange.xforce.ibmcloud.com/vulnerabilities/128354>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2019-9169](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9169>) \n** DESCRIPTION: **GNU glibc is vulnerable to a heap-based buffer overflow, caused by a buffer over-read flaw in the proceed_next_node function in posix/regexec.c. By sending a specially-crafted argument using a case-insensitive regular-expression match, a remote attacker could overflow a buffer and execute arbitrary code on the system. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/157800](<https://exchange.xforce.ibmcloud.com/vulnerabilities/157800>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2016-4429](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4429>) \n** DESCRIPTION: **GNU C Library (glibc or libc6) is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the clntudp_call function within sunrpc/clnt_udp.c. By sending specially-crafted ICMP and UDP packets, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/114024](<https://exchange.xforce.ibmcloud.com/vulnerabilities/114024>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2015-8983](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8983>) \n** DESCRIPTION: **glibc is vulnerable to a heap-based buffer overflow, caused by an integer overflow in the _IO_wstr_overflow function in libio/wstrops.c. A remote attacker could exploit the vulnerability to cause the application to crash or execute arbitrary code in the system. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/126596](<https://exchange.xforce.ibmcloud.com/vulnerabilities/126596>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2015-8982](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8982>) \n** DESCRIPTION: **glibc is vulnerable to a stack-based buffer overflow, caused by an integer overflow, caused by an integer overflow in the strxfrm function function. By sending a specially crafted string, a remote attacker could exploit the vulnerability to cause the application to crash or execute arbitrary code in the system. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/126597](<https://exchange.xforce.ibmcloud.com/vulnerabilities/126597>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2021-28957](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28957>) \n** DESCRIPTION: **lxml is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the defs.py script. A remote attacker could exploit this vulnerability using the HTML action attribute to inject malicious script into a Web page which would be executed in a victim\u2019s Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim\u2019s cookie-based authentication credentials. \nCVSS Base score: 7.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/198515](<https://exchange.xforce.ibmcloud.com/vulnerabilities/198515>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2021-41182](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41182>) \n** DESCRIPTION: **jQuery jQuery-UI is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the Datepicker widget. A remote attacker could exploit this vulnerability using the altField parameter to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 7.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/212274](<https://exchange.xforce.ibmcloud.com/vulnerabilities/212274>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2021-41183](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41183>) \n** DESCRIPTION: **jQuery jQuery-UI is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the Datepicker widget. A remote attacker could exploit this vulnerability using the Text parameter to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 7.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/212276](<https://exchange.xforce.ibmcloud.com/vulnerabilities/212276>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2021-41184](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41184>) \n** DESCRIPTION: **jQuery jQuery-UI is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the .position() function. A remote attacker could exploit this vulnerability using the of parameter to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 7.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/212277](<https://exchange.xforce.ibmcloud.com/vulnerabilities/212277>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-7774](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7774>) \n** DESCRIPTION: **Node.js y18n module could allow a remote attacker to execute arbitrary code on the system, caused by a prototype pollution flaw. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/191999](<https://exchange.xforce.ibmcloud.com/vulnerabilities/191999>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2021-23440](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23440>) \n** DESCRIPTION: **Nodejs set-value module could allow a remote attacker to execute arbitrary code on the system, caused by a prototype pollution flaw. By adding or modifying properties of Object.prototype using a __proto__ or constructor payload, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/209431](<https://exchange.xforce.ibmcloud.com/vulnerabilities/209431>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2021-22940](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22940>) \n** DESCRIPTION: **Node.js could allow a remote attacker to bypass security restrictions, caused by an incomplete fix for CVE-2021-22930 related to a use-after-free on close http2 on stream canceling. An attacker could exploit this vulnerability to corrupt memory to change process behavior. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/207520](<https://exchange.xforce.ibmcloud.com/vulnerabilities/207520>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N) \n \n** CVEID: **[CVE-2016-10540](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10540>) \n** DESCRIPTION: **Node.js minimatch module is vulnerable to a denial of service, caused by a flaw in the minimatch function. By using a specially-crafted value, a remote attacker could exploit this vulnerability to cause a regular expression denial of service. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/149140](<https://exchange.xforce.ibmcloud.com/vulnerabilities/149140>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-7768](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7768>) \n** DESCRIPTION: **Node.js grpc module is vulnerable to a denial of service, caused by a prototype pollution flaw by the loadPackageDefinition function. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/191645](<https://exchange.xforce.ibmcloud.com/vulnerabilities/191645>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-22930](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22930>) \n** DESCRIPTION: **Node.js could allow a remote attacker to bypass security restrictions, caused by a use-after-free on close http2 on stream canceling. An attacker could exploit this vulnerability to corrupt memory to change process behavior. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/206473](<https://exchange.xforce.ibmcloud.com/vulnerabilities/206473>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N) \n \n** CVEID: **[CVE-2021-28092](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28092>) \n** DESCRIPTION: **Node.js is-svg module is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw. By sending a specially-crafted regex string, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/198145](<https://exchange.xforce.ibmcloud.com/vulnerabilities/198145>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-29425](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29425>) \n** DESCRIPTION: **Apache Commons IO could allow a remote attacker to traverse directories on the system, caused by improper input validation by the FileNameUtils.normalize method. An attacker could send a specially-crafted URL request containing \"dot dot\" sequences (/../) to view arbitrary files on the system. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/199852](<https://exchange.xforce.ibmcloud.com/vulnerabilities/199852>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2021-32838](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32838>) \n** DESCRIPTION: **lask-RESTX is vulnerable to a denial of service, caused by a regular expression flaw in email_regex. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a regular expression denial of service. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/209812](<https://exchange.xforce.ibmcloud.com/vulnerabilities/209812>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-37714](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37714>) \n** DESCRIPTION: **jsoup is vulnerable to a denial of service, caused by improper input validation. By sending a specially-crafted input, a remote attacker could exploit this vulnerability to cause the HTML and XML parser to get stuck, timeout, or throw unchecked exceptions resulting in a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/207858](<https://exchange.xforce.ibmcloud.com/vulnerabilities/207858>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-3795](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3795>) \n** DESCRIPTION: **semver-regex is vulnerable to a denial of service, caused by the inefficient regular expression complexity. A remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/209463](<https://exchange.xforce.ibmcloud.com/vulnerabilities/209463>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2008-3103](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3103>) \n** DESCRIPTION: **The Java Management Extensions (JMX) management agent included in the Sun Java Runtime Environment (JRE) could allow a remote attacker to bypass security restrictions, caused by an unspecified error. If local monitoring is enabled, a JMX client could exploit this vulnerability and perform unauthorized actions on a system running JMX. \nCVSS Base score: 6.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/43669](<https://exchange.xforce.ibmcloud.com/vulnerabilities/43669>) for the current score. \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:P/A:P) \n \n** CVEID: **[CVE-2008-3109](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3109>) \n** DESCRIPTION: **Sun Java Runtime Environment (JRE) could allow a remote attacker to gain unauthorized access to the system, caused by an error related to scripting language support. By persuading a victim to download an untrusted applet or application, a remote attacker could read and write local files or execute local applications that are accessible to the victim. \nCVSS Base score: 6.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/43660](<https://exchange.xforce.ibmcloud.com/vulnerabilities/43660>) for the current score. \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:P/A:P) \n \n** CVEID: **[CVE-2008-5347](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5347>) \n** DESCRIPTION: **Sun Java Runtime Environment (JRE) could allow untrusted applets and applications to gain elevated privileges on the system, caused by multiple unspecified vulnerabilities regarding the JAX-WS and JAXB packages. \nCVSS Base score: 6.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/47068](<https://exchange.xforce.ibmcloud.com/vulnerabilities/47068>) for the current score. \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:P/A:P) \n \n** CVEID: **[CVE-2021-35567](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35567>) \n** DESCRIPTION: **An unspecified vulnerability in Java SE related to the Libraries component could allow an authenticated attacker to obtain sensitive information resulting in a high confidentiality impact using unknown attack vectors. \nCVSS Base score: 6.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211643](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211643>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2015-4041](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4041>) \n** DESCRIPTION: **coreutils is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the src/sort.c. By persuading a victim to run a specially-crafted file, a remote attacker could overflow a buffer and execute arbitrary code on the system. \nCVSS Base score: 6.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/103307](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103307>) for the current score. \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:P/A:P) \n \n** CVEID: **[CVE-2021-42378](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378>) \n** DESCRIPTION: **BusyBox could allow a remote authenticated attacker to execute arbitrary code on the system, caused by a use-after-free in awk applet when processing a specially crafted awk pattern in the getvar_i function. An attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service. \nCVSS Base score: 6.6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/213531](<https://exchange.xforce.ibmcloud.com/vulnerabilities/213531>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-42379](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42379>) \n** DESCRIPTION: **BusyBox could allow a remote authenticated attacker to execute arbitrary code on the system, caused by a use-after-free in awk applet when processing a specially crafted awk pattern iin the next_input_file function. An attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service. \nCVSS Base score: 6.6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/213532](<https://exchange.xforce.ibmcloud.com/vulnerabilities/213532>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-42380](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42380>) \n** DESCRIPTION: **BusyBox could allow a remote authenticated attacker to execute arbitrary code on the system, caused by a use-after-free in awk applet when processing a specially crafted awk pattern iin the clrvar function. An attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service. \nCVSS Base score: 6.6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/213533](<https://exchange.xforce.ibmcloud.com/vulnerabilities/213533>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-42381](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42381>) \n** DESCRIPTION: **BusyBox could allow a remote authenticated attacker to execute arbitrary code on the system, caused by a use-after-free in awk applet when processing a specially crafted awk pattern iin the hash_init function. An attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service. \nCVSS Base score: 6.6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/213534](<https://exchange.xforce.ibmcloud.com/vulnerabilities/213534>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-42382](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42382>) \n** DESCRIPTION: **BusyBox could allow a remote authenticated attacker to execute arbitrary code on the system, caused by a use-after-free in awk applet when processing a specially crafted awk pattern iin the getvar_s function. An attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service. \nCVSS Base score: 6.6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/213535](<https://exchange.xforce.ibmcloud.com/vulnerabilities/213535>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-42383](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42383>) \n** DESCRIPTION: **BusyBox could allow a remote authenticated attacker to execute arbitrary code on the system, caused by a use-after-free in awk applet when processing a specially crafted awk pattern iin the evaluate function. An attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service. \nCVSS Base score: 6.6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/213536](<https://exchange.xforce.ibmcloud.com/vulnerabilities/213536>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-42384](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42384>) \n** DESCRIPTION: **BusyBox could allow a remote authenticated attacker to execute arbitrary code on the system, caused by a use-after-free in awk applet when processing a specially crafted awk pattern iin the handle_special function. An attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service. \nCVSS Base score: 6.6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/213537](<https://exchange.xforce.ibmcloud.com/vulnerabilities/213537>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-42385](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42385>) \n** DESCRIPTION: **BusyBox could allow a remote authenticated attacker to execute arbitrary code on the system, caused by a use-after-free in awk applet when processing a specially crafted awk pattern iin the evaluate function. An attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service. \nCVSS Base score: 6.6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/213538](<https://exchange.xforce.ibmcloud.com/vulnerabilities/213538>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-42386](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386>) \n** DESCRIPTION: **BusyBox could allow a remote authenticated attacker to execute arbitrary code on the system, caused by a use-after-free in awk applet when processing a specially crafted awk pattern iin the nvalloc function. An attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service. \nCVSS Base score: 6.6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/213539](<https://exchange.xforce.ibmcloud.com/vulnerabilities/213539>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-1799](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1799>) \n** DESCRIPTION: **Apple macOS could allow a remote attacker to bypass security restrictions, caused by a port redirection issue in the WebRTC component. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to gain access to restricted ports on arbitrary servers. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/195887](<https://exchange.xforce.ibmcloud.com/vulnerabilities/195887>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N) \n \n** CVEID: **[CVE-2021-1801](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1801>) \n** DESCRIPTION: **Apple macOS could allow a remote attacker to bypass security restrictions, caused by a logic issue in the WebKit component. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to violate iframe sandboxing policy. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/195886](<https://exchange.xforce.ibmcloud.com/vulnerabilities/195886>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N) \n \n** CVEID: **[CVE-2021-22925](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22925>) \n** DESCRIPTION: **cURL libcurl could allow a remote attacker to obtain sensitive information, caused by a flaw in the option parser for sending NEW_ENV variables. By sniffing the network traffic, an attacker could exploit this vulnerability to obtain TELNET stack contents, and use this information to launch further attacks against the affected system. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/206051](<https://exchange.xforce.ibmcloud.com/vulnerabilities/206051>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2017-7781](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7781>) \n** DESCRIPTION: **Mozilla Firefox could allow a remote attacker to bypass security restrictions, caused by an elliptic curve point addition error when using mixed Jacobian-affine coordinates. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability using man-in-the-middle techniques to compute an incorrect shared secret. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/130176](<https://exchange.xforce.ibmcloud.com/vulnerabilities/130176>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N) \n \n** CVEID: **[CVE-2018-18508](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18508>) \n** DESCRIPTION: **Mozilla Network Security Services (NSS), as used in Mozilla Firefox, is vulnerable to a denial of service, caused by a NULL pointer dereference in several CMS functions. By sending specially crafted data, a remote attacker could exploit this vulnerability to cause the server to crash. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/160205](<https://exchange.xforce.ibmcloud.com/vulnerabilities/160205>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2016-9074](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9074>) \n** DESCRIPTION: **Mozilla Network Security Services (NSS), as used in Mozilla Firefox, could provide weaker than expected security, caused by an insufficient mitigation of timing side-channel attacks. An attacker could exploit this vulnerability to gain launch further attacks on the system. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/118942](<https://exchange.xforce.ibmcloud.com/vulnerabilities/118942>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N) \n \n** CVEID: **[CVE-2020-12399](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12399>) \n** DESCRIPTION: **Mozilla Firefox could allow a remote attacker to obtain sensitive information, caused by a timing timing attack when performing DSA signatures. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to leak private keys and obtain sensitive information. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/182800](<https://exchange.xforce.ibmcloud.com/vulnerabilities/182800>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2015-8382](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8382>) \n** DESCRIPTION: **PCRE could allow a remote attacker to obtain sensitive information, caused by the mishandling of the pattern and related patterns involving (*ACCEPT) by the match function. An attacker could exploit this vulnerability using a specially crafted regular expression to obtain sensitive information or cause a denial of service. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/108465](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108465>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L) \n \n** CVEID: **[CVE-2021-37750](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37750>) \n** DESCRIPTION: **MIT Kerberos 5 (aka krb5) is vulnerable to a denial of service, caused by a NULL pointer dereference flaw in kdc/do_tgs_req.c in the Key Distribution Center (KDC). By sending a specially-crafted FAST TGS request with no server field, a remote authenticated attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/208020](<https://exchange.xforce.ibmcloud.com/vulnerabilities/208020>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-42374](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374>) \n** DESCRIPTION: **BusyBox is vulnerable to a denial of service, caused by an out-of-bounds heap read in lzma/unlzma applet when specially crafted LZMA-compressed input is decompressed. A remote attacker could exploit this vulnerability to cause a denial of service or obtain sensitive information. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/213527](<https://exchange.xforce.ibmcloud.com/vulnerabilities/213527>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H) \n \n** CVEID: **[CVE-2021-22923](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22923>) \n** DESCRIPTION: **cURL libcurl could allow a remote attacker to obtain sensitive information, caused by improper protection to user credentials by the metalink feature. By persuading a victim to connect a specially-crafted server, an attacker could exploit this vulnerability to obtain user credentials, and use this information to launch further attacks against the affected system. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/206046](<https://exchange.xforce.ibmcloud.com/vulnerabilities/206046>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2021-3445](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3445>) \n** DESCRIPTION: **libdnf could allow a remote authenticated attacker to execute arbitrary code on the system, caused by a flaw in signature verification functionality. By placing a signature in the main header, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 6.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/203146](<https://exchange.xforce.ibmcloud.com/vulnerabilities/203146>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2019-5827](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5827>) \n** DESCRIPTION: **Google Chrome could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds access in SQLite. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service. \nCVSS Base score: 6.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/160450](<https://exchange.xforce.ibmcloud.com/vulnerabilities/160450>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2017-7000](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7000>) \n** DESCRIPTION: **Google Chrome could allow a remote attacker to obtain sensitive information, caused by a pointer disclosure in SQLite. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 6.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/129419](<https://exchange.xforce.ibmcloud.com/vulnerabilities/129419>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2015-7036](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7036>) \n** DESCRIPTION: **SQLite could allow a remote attacker to execute arbitrary code on the system, caused by a pointer error in the fts3_tokenizer function. By persuading a victim to visit a specially-crafted Web site, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 6.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/108154](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108154>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2020-28498](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28498>) \n** DESCRIPTION: **Node.js Elliptic module could allow a local attacker to obtain sensitive information, caused by a flaw in the secp256k1 implementation in elliptic/ec/key.js. By sending a specially-crafted request using a number of ECDH operations, an attacker could exploit this vulnerability to obtain the private key information, and use this information to launch further attacks against the affected system. \nCVSS Base score: 6.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/196053](<https://exchange.xforce.ibmcloud.com/vulnerabilities/196053>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2021-36085](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085>) \n** DESCRIPTION: **SELinux Project SELinux is vulnerable to a denial of service, caused by a use-after-free in __cil_verify_classperms. By sending a specially-crafted request, a local attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 6.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/204794](<https://exchange.xforce.ibmcloud.com/vulnerabilities/204794>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-36086](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086>) \n** DESCRIPTION: **SELinux Project SELinux is vulnerable to a denial of service, caused by a use-after-free in cil_reset_classpermission . By sending a specially-crafted request, a local attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 6.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/204795](<https://exchange.xforce.ibmcloud.com/vulnerabilities/204795>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-36087](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087>) \n** DESCRIPTION: **SELinux Project SELinux is vulnerable to a denial of service, caused by a heap-based buffer over-read in ebitmap_match_any. By sending a specially-crafted request, a local attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 6.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/204796](<https://exchange.xforce.ibmcloud.com/vulnerabilities/204796>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2017-6004](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6004>) \n** DESCRIPTION: **Perl Compatible Regular Expressions (PCRE) is vulnerable to a denial of service, caused by a flaw in compile_bracket_matchingpath function in pcre_jit_compile.c. By supplying a specially-crafted regular expression, a local attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 6.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/122097](<https://exchange.xforce.ibmcloud.com/vulnerabilities/122097>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2015-9251](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-9251>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/138029](<https://exchange.xforce.ibmcloud.com/vulnerabilities/138029>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2016-10735](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10735>) \n** DESCRIPTION: **Bootstrap is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the data-target attribute. A remote attacker could exploit this vulnerability to execute script in a victim's Web browser within the security context of the hosting Web site. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155339](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155339>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2018-14041](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14041>) \n** DESCRIPTION: **Bootstrap is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the data-target property of scrollspy. A remote attacker could exploit this vulnerability to execute script in a victim's Web browser within the security context of the hosting Web site. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/146467](<https://exchange.xforce.ibmcloud.com/vulnerabilities/146467>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2018-20676](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20676>) \n** DESCRIPTION: **Bootstrap is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the tooltip data-viewport attribute. A remote attacker could exploit this vulnerability to execute script in a victim's Web browser within the security context of the hosting Web site. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155338](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155338>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2018-20677](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20677>) \n** DESCRIPTION: **Bootstrap is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the affix configuration target property. A remote attacker could exploit this vulnerability to execute script in a victim's Web browser within the security context of the hosting Web site. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155337](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155337>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2019-10219](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10219>) \n** DESCRIPTION: **Hibernate-Validator is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the SafeHtml validator annotation A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/171317](<https://exchange.xforce.ibmcloud.com/vulnerabilities/171317>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2019-11358](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11358>) \n** DESCRIPTION: **jQuery, as used in Drupal core, is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability to execute script in a victim's Web browser within the security context of the hosting Web site. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/159633](<https://exchange.xforce.ibmcloud.com/vulnerabilities/159633>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2019-8331](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8331>) \n** DESCRIPTION: **Bootstrap is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the tooltip or popover data-template. A remote attacker could exploit this vulnerability to execute script in a victim's Web browser within the security context of the hosting Web site. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/157409](<https://exchange.xforce.ibmcloud.com/vulnerabilities/157409>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-11022](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11022>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the jQuery.htmlPrefilter method. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181349](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181349>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-11023](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11023>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the option elements. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181350](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181350>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2021-26926](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26926>) \n** DESCRIPTION: **JasPer is vulnerable to a denial of service, caused by an out-of-bounds read by the jp2_decode function. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to disclose information or cause the application to crash. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/197346](<https://exchange.xforce.ibmcloud.com/vulnerabilities/197346>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H) \n \n** CVEID: **[CVE-2021-30689](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30689>) \n** DESCRIPTION: **Apple iOS and iPadOS are vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the WebKit. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/202346](<https://exchange.xforce.ibmcloud.com/vulnerabilities/202346>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2021-30744](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30744>) \n** DESCRIPTION: **Apple iOS and iPadOS are vulnerable to universal cross-site scripting, caused by improper validation of user-supplied input by the WebKit component. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/202342](<https://exchange.xforce.ibmcloud.com/vulnerabilities/202342>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2017-7526](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7526>) \n** DESCRIPTION: **Libgcrypt could allow a remote attacker to obtain sensitive information, caused by a cache side-channel attack when using left-to-right sliding window method by the RSA-1024 implementation. By running arbitrary software where the private key is used, an attacker could exploit this vulnerability to obtain the RSA private key. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/128271](<https://exchange.xforce.ibmcloud.com/vulnerabilities/128271>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2008-1191](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1191>) \n** DESCRIPTION: **Sun Java Web Start in Sun JDK and JRE could allow a remote attacker to gain elevated privileges, caused by an unspecified vulnerability which allows an untrusted application to assign additional permissions to itself. An attacker could exploit this vulnerability and gain elevated privileges to create arbitrary files on the system. \nCVSS Base score: 6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/41136](<https://exchange.xforce.ibmcloud.com/vulnerabilities/41136>) for the current score. \nCVSS Vector: (AV:N/AC:M/Au:S/C:P/I:P/A:P) \n \n** CVEID: **[CVE-2021-26691](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26691>) \n** DESCRIPTION: **Apache HTTP Server is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the mod_session. By sending a specially crafted SessionHeader, a remote attacker could overflow a buffer and cause a denial of service. \nCVSS Base score: 5.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/203465](<https://exchange.xforce.ibmcloud.com/vulnerabilities/203465>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-33560](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33560>) \n** DESCRIPTION: **GnuPG Libgcrypt could allow a remote attacker to obtain sensitive information, caused by improper handling of ElGamal encryption. By using side-channel attack techniques against mpi_powm, and the window size, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system. \nCVSS Base score: 5.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/203266](<https://exchange.xforce.ibmcloud.com/vulnerabilities/203266>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2021-35550](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35550>) \n** DESCRIPTION: **An unspecified vulnerability in Java SE related to the JSSE component could allow an unauthenticated attacker to obtain sensitive information resulting in a high confidentiality impact using unknown attack vectors. \nCVSS Base score: 5.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211627](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211627>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2016-2779](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2779>) \n** DESCRIPTION: **util-linux could allow a local attacker to gain elevated privileges on the system, caused by an error when executing a program via \"runuser -u nonpriv program\". An attacker could exploit this vulnerability using the TIOCSTI ioctl to hijack the tty and gain elevated privileges on the system. \nCVSS Base score: 5.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/111089](<https://exchange.xforce.ibmcloud.com/vulnerabilities/111089>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2015-5218](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5218>) \n** DESCRIPTION: **util-linux is vulnerable to a buffer overflow, caused by improper bounds checking by the page parameter in the text-utils/colcrt.c script. By parsing specially-crafted file, a local attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base score: 5.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/108550](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108550>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2016-2781](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2781>) \n** DESCRIPTION: **util-linux could allow a local attacker to gain elevated privileges on the system, caused by an error when executing a program via \"chroot --userspec=someuser:somegroup / /path/to/test\". An attacker could exploit this vulnerability using the TIOCSTI ioctl to hijack the tty and gain elevated privileges on the system. \nCVSS Base score: 5.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/111088](<https://exchange.xforce.ibmcloud.com/vulnerabilities/111088>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2017-1000100](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000100>) \n** DESCRIPTION: **cURL could allow a remote attacker to obtain sensitive information, caused by a TFTP URL processing error when doing a TFTP transfer. By redirecting a libcurl-using client request to a TFTP URL containing an overly long file name and tricking the server to send private memory contents, an attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 5.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/130190](<https://exchange.xforce.ibmcloud.com/vulnerabilities/130190>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2021-22939](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22939>) \n** DESCRIPTION: **Node.js could allow a remote attacker to bypass security restrictions. If the https API was used incorrectly and \"undefined\" was in passed for the \"rejectUnauthorized\" parameter, an attacker could exploit this vulnerability to connect to servers using an expired certificate. \nCVSS Base score: 3.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/207233](<https://exchange.xforce.ibmcloud.com/vulnerabilities/207233>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2021-36159](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36159>) \n** DESCRIPTION: **libfetch could allow a remote attacker to obtain sensitive information, caused by the an out-of-bounds read flaw when handling numeric strings for the FTP and HTTP protocols. By sending a specially-crafted input, an attacker could exploit this vulnerability to obtain sensitive information, or cause the application to crash. \nCVSS Base score: 9.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/206715](<https://exchange.xforce.ibmcloud.com/vulnerabilities/206715>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H) \n \n** CVEID: **[CVE-2020-7751](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7751>) \n** DESCRIPTION: **Pathval could allow a remote attacker to execute arbitrary code on the system, caused by a prototype pollution flaw. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/190564](<https://exchange.xforce.ibmcloud.com/vulnerabilities/190564>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-23358](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23358>) \n** DESCRIPTION: **Node.js underscore module could allow a remote attacker to execute arbitrary code on the system, caused by a flaw in the template function. By sending a specially-crafted argument using the variable property, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/198958](<https://exchange.xforce.ibmcloud.com/vulnerabilities/198958>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-3711](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3711>) \n** DESCRIPTION: **OpenSSL is vulnerable to a buffer overflow, caused by improper bounds checking by the EVP_PKEY_decrypt() function within implementation of the SM2 decryption. By sending specially crafted SM2 content, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/208072](<https://exchange.xforce.ibmcloud.com/vulnerabilities/208072>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2018-25014](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25014>) \n** DESCRIPTION: **Libwebp is vulnerable to a denial of service, caused by an uninitialized variable in function ReadSymbol. A remote attacker could exploit this vulnerability to gain sensitive information or cause the application to crash. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/202256](<https://exchange.xforce.ibmcloud.com/vulnerabilities/202256>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2019-18218](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18218>) \n** DESCRIPTION: **File is vulnerable to a heap-based buffer overflow, caused by improper improper bounds checking by the cdf_read_property_info function in cdf.c. By sending an overly large amount of CDF_VECTOR elements, a remote attacker could overflow a buffer and execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/169693](<https://exchange.xforce.ibmcloud.com/vulnerabilities/169693>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-42574](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42574>) \n** DESCRIPTION: **Unicode could allow a remote attacker to execute arbitrary code on the system, caused by a flaw in the bidirectional algorithm in the unicode specification. By creating a malicious patch containing well placed BiDi characters, an attacker could exploit this vulnerability to execute arbitrary code on the system. Note: This vulnerability also affects Rust. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/212526](<https://exchange.xforce.ibmcloud.com/vulnerabilities/212526>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-3115](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3115>) \n** DESCRIPTION: **Golang Go could allow a remote attacker to execute arbitrary code on the system, caused by a command injection flaw when using the go get command to fetch modules that make use of cgo. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/195678](<https://exchange.xforce.ibmcloud.com/vulnerabilities/195678>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2017-15088](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15088>) \n** DESCRIPTION: **MIT Kerberos 5 (aka krb5) is vulnerable to a buffer overflow, caused by improper bounds checking by the Distinguished Name (DN) fields in the get_matching_data and X509_NAME_oneline_ex functions. By sending a specially-crafted request, a remote attacker could overflow a buffer and execute arbitrary code or cause a denial of service on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/135696](<https://exchange.xforce.ibmcloud.com/vulnerabilities/135696>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2008-5352](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5352>) \n** DESCRIPTION: **Sun Java Runtime Environment (JRE) is vulnerable to a heap-based buffer overflow, caused by an integer overflow in the JAR unpacking utility (unpack200) in the unpack library (unpack.dll). By persuading a victim to visit a malicious Web page, a remote attacker could overflow a buffer and execute arbitrary code on the system. \nCVSS Base score: 9.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/47062](<https://exchange.xforce.ibmcloud.com/vulnerabilities/47062>) for the current score. \nCVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C) \n \n** CVEID: **[CVE-2008-5358](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5358>) \n** DESCRIPTION: **Sun Java Runtime Environment (JRE) could allow a remote attacker to execute arbitrary code on the system, caused by an error when parsing GIF image files. By persuading a victim to visit a specially-crafted Web site containing a malicious GIF file, a remote attacker could corrupt memory during a splash screen display and execute arbitrary code on the system with the privileges of the victim. \nCVSS Base score: 9.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/47049](<https://exchange.xforce.ibmcloud.com/vulnerabilities/47049>) for the current score. \nCVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C) \n \n** CVEID: **[CVE-2018-25009](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25009>) \n** DESCRIPTION: **Libwebp is vulnerable to a denial of service, caused by an out-of-bounds read in function ShiftBytes. A remote attacker could exploit this vulnerability to gain sensitive information or cause the application to crash. \nCVSS Base score: 9.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/202260](<https://exchange.xforce.ibmcloud.com/vulnerabilities/202260>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H) \n \n** CVEID: **[CVE-2018-25010](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25010>) \n** DESCRIPTION: **Libwebp is vulnerable to a denial of service, caused by an out-of-bounds read in function ApplyFilter. A remote attacker could exploit this vulnerability to gain sensitive information or cause the application to crash. \nCVSS Base score: 9.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/202255](<https://exchange.xforce.ibmcloud.com/vulnerabilities/202255>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H) \n \n** CVEID: **[CVE-2018-25012](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25012>) \n** DESCRIPTION: **Libwebp is vulnerable to a denial of service, caused by an out-of-bounds read in function ShiftBytes. A remote attacker could exploit this vulnerability to gain sensitive information or cause the application to crash. \nCVSS Base score: 9.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/202258](<https://exchange.xforce.ibmcloud.com/vulnerabilities/202258>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H) \n \n** CVEID: **[CVE-2018-25013](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25013>) \n** DESCRIPTION: **Libwebp is vulnerable to a denial of service, caused by an out-of-bounds read in function ShiftBytes. A remote attacker could exploit this vulnerability to gain sensitive information or cause the application to crash. \nCVSS Base score: 9.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/202257](<https://exchange.xforce.ibmcloud.com/vulnerabilities/202257>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H) \n \n** CVEID: **[CVE-2020-36330](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36330>) \n** DESCRIPTION: **Libwebp is vulnerable to a denial of service, caused by an out-of-bounds read in function ChunkVerifyAndAssign. A remote attacker could exploit this vulnerability to gain sensitive information or cause the application to crash. \nCVSS Base score: 9.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/202251](<https://exchange.xforce.ibmcloud.com/vulnerabilities/202251>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H) \n \n** CVEID: **[CVE-2020-36331](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36331>) \n** DESCRIPTION: **Libwebp is vulnerable to a denial of service, caused by an out-of-bounds read in function ChunkAssignData. A remote attacker could exploit this vulnerability to gain sensitive information or cause the application to crash. \nCVSS Base score: 9.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/202250](<https://exchange.xforce.ibmcloud.com/vulnerabilities/202250>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H) \n \n** CVEID: **[CVE-2021-29921](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29921>) \n** DESCRIPTION: **Python is vulnerable to server-side request forgery, caused by improper input validation of octal strings in the stdlib ipaddress. By submitting a specially-crafted IP address to a web application, an attacker could exploit this vulnerability to conduct SSRF or local file include attacks. \nCVSS Base score: 9.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/201083](<https://exchange.xforce.ibmcloud.com/vulnerabilities/201083>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N) \n \n** CVEID: **[CVE-2021-40438](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40438>) \n** DESCRIPTION: **Apache HTTP Server is vulnerable to server-side request forgery, caused by an error in mod_proxy. By sending a specially crafted request uri-path, a remote attacker could exploit this vulnerability to forward the request to an origin server chosen by the remote user. \nCVSS Base score: 9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/209526](<https://exchange.xforce.ibmcloud.com/vulnerabilities/209526>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2019-13057](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13057>) \n** DESCRIPTION: **NetApp Data ONTAP operating in 7-Mode could allow a remote authenticated attacker to obtain sensitive information, caused by the failure to properly stop a rootDN from requesting authorization as an identity from another database during a SASL bind. An attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 4.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/166359](<https://exchange.xforce.ibmcloud.com/vulnerabilities/166359>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2021-28650](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28650>) \n** DESCRIPTION: **GNOME gnome-autoar could allow a remote attacker to traverse directories on the system, caused by the lack of a check of whether a file's parent is a symlink in certain complex situations in autoar-extractor.c. n attacker can exploit this vulnerability to modify, create, or delete arbitrary files on the system. \nCVSS Base score: 4.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/198306](<https://exchange.xforce.ibmcloud.com/vulnerabilities/198306>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L) \n \n** CVEID: **[CVE-2020-15719](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15719>) \n** DESCRIPTION: **libldap in certain third-party OpenLDAP packages is vulnerable to a man-in-the-middle attack, caused by a certificate-validation flaw when asserting RFC6125 support. An attacker could exploit this vulnerability to launch a man-in-the-middle attack and gain access to the communication channel between endpoints to obtain sensitive information or further compromise the system. \nCVSS Base score: 4.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/185628](<https://exchange.xforce.ibmcloud.com/vulnerabilities/185628>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2021-20284](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20284>) \n** DESCRIPTION: **GNU Binutils is vulnerable to a denial of service, caused by a heap-based buffer overflow in the _bfd_elf_slurp_secondary_reloc_section function in elf.c. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 4.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/198864](<https://exchange.xforce.ibmcloud.com/vulnerabilities/198864>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-3572](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3572>) \n** DESCRIPTION: **pip package for python could allow a remote authenticated attacker to bypass security restrictions, caused by the improper handling of Unicode separators in git references. By creating a specially crafted tag, an attacker could exploit this vulnerability to install a different revision on a repository. \nCVSS Base score: 4.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/208954](<https://exchange.xforce.ibmcloud.com/vulnerabilities/208954>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N) \n \n** CVEID: **[CVE-2021-42771](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42771>) \n** DESCRIPTION: **Python-Babel Babel could allow a local authenticated attacker to traverse directories on the system, caused by a flaw in the Babel.Locale function. An attacker could load a specially-crafted .dat file containing \"dot dot\" sequences (/../) to execute arbitrary code on the system. \nCVSS Base score: 7.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211766](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211766>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2015-0247](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0247>) \n** DESCRIPTION: **e2fsprogs is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the libext2fs library. A local attacker could overflow a buffer and execute arbitrary code on the system or cause a denial of service. \nCVSS Base score: 4.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/100740](<https://exchange.xforce.ibmcloud.com/vulnerabilities/100740>) for the current score. \nCVSS Vector: (AV:L/AC:M/Au:N/C:P/I:P/A:P) \n \n** CVEID: **[CVE-2008-3106](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3106>) \n** DESCRIPTION: **Sun Java Runtime Environment (JRE) could allow a remote attacker to gain unauthorized access, caused by an error in XML data processing. By persuading a victim to download an untrusted applet or application, a remote attacker could gain unauthorized access to certain files and Web pages. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/43658](<https://exchange.xforce.ibmcloud.com/vulnerabilities/43658>) for the current score. \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n \n** CVEID: **[CVE-2008-3110](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3110>) \n** DESCRIPTION: **Sun Java Runtime Environment (JRE) could allow a remote attacker to obtain sensitive information, caused by an error related to scripting language support. By persuading a victim to download an untrusted applet, a remote attacker could obtain information from another applet. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/43661](<https://exchange.xforce.ibmcloud.com/vulnerabilities/43661>) for the current score. \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n \n** CVEID: **[CVE-2008-5349](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5349>) \n** DESCRIPTION: **Sun Java Runtime Environment (JRE) is vulnerable to a denial of service, caused by an unspecified error while processing RSA public keys. A remote attacker could exploit this vulnerability using a specially-crafted RSA public key to consume all available CPU resources. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/47064](<https://exchange.xforce.ibmcloud.com/vulnerabilities/47064>) for the current score. \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:N/A:P) \n \n** CVEID: **[CVE-2014-2413](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2413>) \n** DESCRIPTION: **An unspecified vulnerability in Oracle Java SE related to the Libraries component has no confidentiality impact, partial integrity impact, and no availability impact. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/92489](<https://exchange.xforce.ibmcloud.com/vulnerabilities/92489>) for the current score. \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N) \n \n** CVEID: **[CVE-2019-13750](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13750>) \n** DESCRIPTION: **Google Chrome could allow a remote attacker to bypass security restrictions, caused by insufficient data validation in SQLite. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to bypass defense-in-depth measures. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/172986](<https://exchange.xforce.ibmcloud.com/vulnerabilities/172986>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2019-13751](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13751>) \n** DESCRIPTION: **Google Chrome could allow a remote attacker to obtain sensitive information, caused by uninitialized use in SQLite. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to obtain sensitive information from process memory. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/172987](<https://exchange.xforce.ibmcloud.com/vulnerabilities/172987>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2021-27291](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27291>) \n** DESCRIPTION: **pygments is vulnerable to a denial of service. By persuading a victim to open a specially-crafted ODIN file using the \"<\" character, a remote attacker could exploit this vulnerability to cause the application to process the file for an extended time. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/198308](<https://exchange.xforce.ibmcloud.com/vulnerabilities/198308>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-30682](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30682>) \n** DESCRIPTION: **Apple iOS and iPadOS could allow a remote attacker to obtain sensitive information, caused by a logic issue in the WebKit component. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to user sensitive information, and use this information to launch further attacks against the affected system. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/202344](<https://exchange.xforce.ibmcloud.com/vulnerabilities/202344>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2017-16879](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16879>) \n** DESCRIPTION: **Ncurses is vulnerable to a denial of service, caused by stack-based buffer overflow in the _nc_write_entry function in tinfo/write_entry.c. By persuading a victim to open a specially crafted terminfo file, an remote attacker could exploit this vulnerability to cause the application to crash or possibly execute arbitrary code. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/135309](<https://exchange.xforce.ibmcloud.com/vulnerabilities/135309>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2015-2059](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2059>) \n** DESCRIPTION: **libidn could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read with stringprep functions on invalid UTF-8. An attacker could exploit this vulnerability to obtain sensitive information from an application using the libidn library. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/104409](<https://exchange.xforce.ibmcloud.com/vulnerabilities/104409>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2019-9633](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9633>) \n** DESCRIPTION: **GNOME GLib is vulnerable to a denial of service, caused by the failure to ensure that a parent GTask remains alive during the execution of a connection-attempting enumeration. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/158171](<https://exchange.xforce.ibmcloud.com/vulnerabilities/158171>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2016-1938](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1938>) \n** DESCRIPTION: **Mozilla Firefox could provide weaker than expected security, caused by the creation of incorrect calculations in certain cases by the Network Security Services (NSS) mp_div() and mp_exptmod() functions. An attacker could exploit this vulnerability to create cryptographic weaknesses. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/110190](<https://exchange.xforce.ibmcloud.com/vulnerabilities/110190>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2016-4483](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483>) \n** DESCRIPTION: **libxml2 is vulnerable to a denial of service, caused by an out-of-bounds read when parsing a specially crafted XML file if recover mode is used. By persuading a victim to open a specially crafted XML file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/114279](<https://exchange.xforce.ibmcloud.com/vulnerabilities/114279>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2016-3189](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3189>) \n** DESCRIPTION: **Bzip2 is vulnerable to a denial of service, caused by a use-after-free error in the bzip2recover. By persuading a victim to open a specially-crafted bzip2 file, an attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/114307](<https://exchange.xforce.ibmcloud.com/vulnerabilities/114307>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2019-13752](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13752>) \n** DESCRIPTION: **Google Chrome could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read in SQLite. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/172921](<https://exchange.xforce.ibmcloud.com/vulnerabilities/172921>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2019-13753](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13753>) \n** DESCRIPTION: **Google Chrome could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read in SQLite. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/172922](<https://exchange.xforce.ibmcloud.com/vulnerabilities/172922>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2015-2697](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2697>) \n** DESCRIPTION: **MIT Kerberos is vulnerable to a denial of service. By sending a TGS request with a specially crafted realm field beginning with a null byte, a remote authenticated attacker could exploit this vulnerability to cause the KDC to crash. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/107876](<https://exchange.xforce.ibmcloud.com/vulnerabilities/107876>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-42375](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42375>) \n** DESCRIPTION: **BusyBox is vulnerable to a denial of service, caused by the incorrect handling of a special element in ash applet when processing a specially crafted shell command. A local authenticated attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 4.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/213528](<https://exchange.xforce.ibmcloud.com/vulnerabilities/213528>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2019-1010266](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1010266>) \n** DESCRIPTION: **Lodash is vulnerable to a denial of service, caused by uncontrolled resource consumption in Date handler. By sending an overly long string, a local attacker could exploit this vulnerability to cause the application to stop responding. \nCVSS Base score: 4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/168402](<https://exchange.xforce.ibmcloud.com/vulnerabilities/168402>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-27645](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27645>) \n** DESCRIPTION: **GNU glibc is vulnerable to a denial of service, caused by double-free in the nameserver caching daemon (nscd). By sending a specially-crafted request, a local attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/197417](<https://exchange.xforce.ibmcloud.com/vulnerabilities/197417>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2015-5186](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5186>) \n** DESCRIPTION: **Linux Audit Framework could allow a local attacker to obtain sensitive information, caused by the improper handling of escape sequences. An attacker could exploit this vulnerability using the ausearch program to obtain sensitive information. \nCVSS Base score: 4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/105894](<https://exchange.xforce.ibmcloud.com/vulnerabilities/105894>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2016-8623](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8623>) \n** DESCRIPTION: **cURL/libcurl could allow a local attacker to obtain sensitive information, caused by an use-after-free error. By using another thread to structs original cookie together with its strings, an attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/118641](<https://exchange.xforce.ibmcloud.com/vulnerabilities/118641>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2015-8035](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035>) \n** DESCRIPTION: **libxml2 is vulnerable to a denial of service, caused by the failure to properly detect compression errors by the xz_decomp function. By using specially-crafted XML data, a local attacker could exploit this vulnerability to cause the process to hang. \nCVSS Base score: 4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/107845](<https://exchange.xforce.ibmcloud.com/vulnerabilities/107845>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2016-6153](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6153>) \n** DESCRIPTION: **SQLite could allow a local attacker to gain elevated privileges on the system, caused by the creation of temporary files in directory with insecure permissions. An attacker could exploit this vulnerability to obtain leaked data. \nCVSS Base score: 4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/114715](<https://exchange.xforce.ibmcloud.com/vulnerabilities/114715>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2021-26690](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26690>) \n** DESCRIPTION: **Apache HTTP Server is vulnerable to a denial of service, caused by a NULL pointer dereference. A remote attacker could exploit this vulnerability using a specially crafted Cookie header handled by mod_session to cause the system to crash. \nCVSS Base score: 3.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/203464](<https://exchange.xforce.ibmcloud.com/vulnerabilities/203464>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-35603](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35603>) \n** DESCRIPTION: **An unspecified vulnerability in Java SE related to the JSSE component could allow an unauthenticated attacker to obtain sensitive information resulting in a low confidentiality impact using unknown attack vectors. \nCVSS Base score: 3.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211676](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211676>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2015-4042](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4042>) \n** DESCRIPTION: **GNU Coreutils is vulnerable to a buffer overflow, caused by improper bounds checking by the keycompare_mb(). By sending an overly long argument, a local attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base score: 3.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/150816](<https://exchange.xforce.ibmcloud.com/vulnerabilities/150816>) for the current score. \nCVSS Vector: (AV:L/AC:H/Au:N/C:P/I:P/A:P) \n \n** CVEID: **[CVE-2019-1563](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1563>) \n** DESCRIPTION: **OpenSSL could allow a remote attacker to obtain sensitive information, caused by a padding oracle attack in PKCS7_dataDecode and CMS_decrypt_set1_pkey. By sending an overly large number of messages to be decrypted, an attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 3.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/167022](<https://exchange.xforce.ibmcloud.com/vulnerabilities/167022>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2020-1968](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1968>) \n** DESCRIPTION: **OpenSSL could allow a remote attacker to obtain sensitive information, caused by a Raccoon attack in the TLS specification. By computing the pre-master secret in connections which have used a Diffie-Hellman (DH) based ciphersuite, an attacker could exploit this vulnerability to eavesdrop on all encrypted communications sent over that TLS connection. \nCVSS Base score: 3.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/187977](<https://exchange.xforce.ibmcloud.com/vulnerabilities/187977>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2018-16429](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16429>) \n** DESCRIPTION: **GNOME GLib is vulnerable to a denial of service, caused by an out-of-bounds read in g_markup_parse_context_parse() in gmarkup.c. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/149332](<https://exchange.xforce.ibmcloud.com/vulnerabilities/149332>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2019-17594](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17594>) \n** DESCRIPTION: **GNU ncurses could allow a remote attacker to obtain sensitive information, caused by a heap-based buffer over-read in the _nc_find_entry function in tinfo/comp_hash.c in the terminfo library. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/168970](<https://exchange.xforce.ibmcloud.com/vulnerabilities/168970>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2019-17595](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17595>) \n** DESCRIPTION: **GNU ncurses could allow a remote attacker to obtain sensitive information, caused by a heap-based buffer over-read in the fmt_entry function in tinfo/comp_hash.c in the terminfo library. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/168972](<https://exchange.xforce.ibmcloud.com/vulnerabilities/168972>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2020-29623](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29623>) \n** DESCRIPTION: **Apple macOS, iOS, iPadOS and tvOS could allow a local authenticated attacker to bypass security restrictions, caused by a flaw in WebKit Storage component. By sending a specially-crafted request, an attacker could exploit this vulnerability to fully delete browsing history. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/199361](<https://exchange.xforce.ibmcloud.com/vulnerabilities/199361>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2021-3200](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3200>) \n** DESCRIPTION: **Libsolv is vulnerable to a denial of service, caused by a buffer overflow in the testcase_read function. By persuading a victim to open a specially file, a remote attacker could overflow a buffer and cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/203837](<https://exchange.xforce.ibmcloud.com/vulnerabilities/203837>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2017-13734](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13734>) \n** DESCRIPTION: **Ncurses is vulnerable to a denial of service, caused by an illegal address access in the _nc_safe_strcat function in strings.c. By using a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/131062](<https://exchange.xforce.ibmcloud.com/vulnerabilities/131062>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2017-13733](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13733>) \n** DESCRIPTION: **Ncurses is vulnerable to a denial of service, caused by an illegal address access in the fmt_entry function in progs/dump_entry.c. By using a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/131061](<https://exchange.xforce.ibmcloud.com/vulnerabilities/131061>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2017-13732](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13732>) \n** DESCRIPTION: **Ncurses is vulnerable to a denial of service, caused by an illegal address access in the dump_uses function in progs/dump_entry.c. By using a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/131060](<https://exchange.xforce.ibmcloud.com/vulnerabilities/131060>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2017-13731](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13731>) \n** DESCRIPTION: **Ncurses is vulnerable to a denial of service, caused by an illegal address access in the postprocess_termcap function in parse_entry.c. By using a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/131059](<https://exchange.xforce.ibmcloud.com/vulnerabilities/131059>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2017-13730](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13730>) \n** DESCRIPTION: **Ncurses is vulnerable to a denial of service, caused by an illegal address access in the _nc_read_entry_source function in progs/tic.c. By using a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/131057](<https://exchange.xforce.ibmcloud.com/vulnerabilities/131057>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2017-13729](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13729>) \n** DESCRIPTION: **Ncurses is vulnerable to a denial of service, caused by an illegal address access in the _nc_save_str function in alloc_entry.c. By using a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/131056](<https://exchange.xforce.ibmcloud.com/vulnerabilities/131056>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2019-2708](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2708>) \n** DESCRIPTION: **An unspecified vulnerability in Oracle Berkeley DB related to the Data Store component could allow an authenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/159800](<https://exchange.xforce.ibmcloud.com/vulnerabilities/159800>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2019-13012](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13012>) \n** DESCRIPTION: **GNOME GLib could allow a local attacker to bypass security restrictions, caused by improper permission control in the keyfile settings backend. An attacker could exploit this vulnerability to bypass access restrictions. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/166666](<https://exchange.xforce.ibmcloud.com/vulnerabilities/166666>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2017-7244](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7244>) \n** DESCRIPTION: **PCRE is vulnerable to a denial of service, caused by an invalid memory read flaw in the _pcre32_xclass function in pcre_xclass.c. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/123729](<https://exchange.xforce.ibmcloud.com/vulnerabilities/123729>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2018-14567](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14567>) \n** DESCRIPTION: **libxml2 is vulnerable to a denial of service, caused by an error in xzlib.c. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/148541](<https://exchange.xforce.ibmcloud.com/vulnerabilities/148541>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2018-14404](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14404>) \n** DESCRIPTION: **libxml2 is vulnerable to a denial of service, caused by a NULL pointer dereference in the xpath.c:xmlXPathCompOpEval() function. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/147260](<https://exchange.xforce.ibmcloud.com/vulnerabilities/147260>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2019-19956](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19956>) \n** DESCRIPTION: **libxml2 is vulnerable to a denial of service, caused by a memory leak in xmlParseBalancedChunkMemoryRecover in parser.c. By persuading a victim to open a specially crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/173518](<https://exchange.xforce.ibmcloud.com/vulnerabilities/173518>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2019-20388](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20388>) \n** DESCRIPTION: **GNOME libxml2 could allow a remote attacker to obtain sensitive information, caused by a xmlSchemaValidateStream memory leak in xmlSchemaPreRun in xmlschemas.c. By persuading a victim to open a specially crafted file, an attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/175539](<https://exchange.xforce.ibmcloud.com/vulnerabilities/175539>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2018-8740](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8740>) \n** DESCRIPTION: **SQLite is vulnerable to a denial of service, caused by a NULL pointer dereference in the src/build.c, src/prepare.c. By using a corrupted SQLite3 database file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/140476](<https://exchange.xforce.ibmcloud.com/vulnerabilities/140476>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2017-15286](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15286>) \n** DESCRIPTION: **SQLite is vulnerable to a denial of service, caused by a NULL pointer dereference in tableColumnList in shell.c. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/133477](<https://exchange.xforce.ibmcloud.com/vulnerabilities/133477>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-3601](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3601>) \n** DESCRIPTION: **OpenSSL could allow a remote authenticated attacker to bypass security restrictions, caused by the acceptance of a certificate with explicitly set Basic Constraints to CA:FALSE as a valid CA cert. An attacker could exploit this vulnerability for MITM to any connection from the victim machine. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/213731](<https://exchange.xforce.ibmcloud.com/vulnerabilities/213731>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2021-20266](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20266>) \n** DESCRIPTION: **RPM Project RPM is vulnerable to a denial of service, caused by an out-of-bounds read flaw in the hdrblobInit function in lib/header.c. By sending a specially-crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 3.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/201041](<https://exchange.xforce.ibmcloud.com/vulnerabilities/201041>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-35588](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35588>) \n** DESCRIPTION: **An unspecified vulnerability in Java SE related to the VM component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors. \nCVSS Base score: 3.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211662](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211662>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2015-0837](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0837>) \n** DESCRIPTION: **Libgcrypt could allow a local attacker to obtain sensitive information, caused by a side-channel attack on data-dependent timing variations. An attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 2.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/110054](<https://exchange.xforce.ibmcloud.com/vulnerabilities/110054>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2017-7407](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7407>) \n** DESCRIPTION: **curl could allow a physical attacker to obtain sensitive information, caused by an error in the ourWriteOut function in tool_writeout.c. By reading a workstation screen during use of a --write-out argument ending in a '%' character, an attacker could exploit this vulnerability to obtain sensitive information from process memory. \nCVSS Base score: 2.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/125384](<https://exchange.xforce.ibmcloud.com/vulnerabilities/125384>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2015-1606](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1606>) \n** DESCRIPTION: **GnuPG2 is vulnerable to a denial of service, caused by a use-after-free error in build-packet.c when rejecting packets that don't belong into a keyring. By sending specially-crafted data packets, an attacker could exploit this vulnerability to cause the system to crash. \nCVSS Base score: 1.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/101024](<https://exchange.xforce.ibmcloud.com/vulnerabilities/101024>) for the current score. \nCVSS Vector: (AV:L/AC:H/Au:N/C:N/I:N/A:P) \n \n** CVEID: **[CVE-2015-1607](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1607>) \n** DESCRIPTION: **gnupg2 could allow a local attacker to obtain sensitive information, caused by an information leak in keybox_search.c. An attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 1.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/101025](<https://exchange.xforce.ibmcloud.com/vulnerabilities/101025>) for the current score. \nCVSS Vector: (AV:L/AC:H/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nCloud Pak for Security (CP4S)| 1.8.1.0 \nCloud Pak for Security (CP4S)| 1.8.0.0 \nCloud Pak for Security (CP4S)| 1.7.2.0 \n \n\n\n## Remediation/Fixes\n\nPlease upgrade to CP4S 1.9.0.0 following instructions at <https://www.ibm.com/docs/en/cloud-paks/cp-security/1.9?topic=installing-upgrading-cloud-pak-security-from-18>\n\n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\n21 Dec 2021: Initial Publication\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Product\":{\"code\":\"SSTDPP\",\"label\":\"IBM Cloud Pak for Security\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF040\",\"label\":\"RedHat OpenShift\"}],\"Version\":\"1.8.1.0, 1.8.0.0, 1.7.2.0\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB24\",\"label\":\"Security Software\"}}]", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-01-28T10:19:34", "type": "ibm", "title": "Security Bulletin: Cloud Pak for Security uses packages that are vulnerable to multiple CVEs", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": true, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-3716", "CVE-2008-1191", "CVE-2008-3103", "CVE-2008-3105", "CVE-2008-3106", "CVE-2008-3109", "CVE-2008-3110", "CVE-2008-5347", "CVE-2008-5349", "CVE-2008-5352", "CVE-2008-5358", "CVE-2014-0452", "CVE-2014-2413", "CVE-2015-0247", "CVE-2015-0837", "CVE-2015-1606", "CVE-2015-1607", "CVE-2015-2059", "CVE-2015-2695", "CVE-2015-2696", "CVE-2015-2697", "CVE-2015-3153", "CVE-2015-4041", "CVE-2015-4042", "CVE-2015-5186", "CVE-2015-5218", "CVE-2015-5276", "CVE-2015-7036", "CVE-2015-8035", "CVE-2015-8382", "CVE-2015-8948", "CVE-2015-8982", "CVE-2015-8983", "CVE-2015-8984", "CVE-2015-8985", "CVE-2015-9251", "CVE-2016-0755", "CVE-2016-10254", "CVE-2016-10255", "CVE-2016-10540", "CVE-2016-10707", "CVE-2016-10735", "CVE-2016-1234", "CVE-2016-1938", "CVE-2016-1951", "CVE-2016-2226", "CVE-2016-2779", "CVE-2016-2781", "CVE-2016-3189", "CVE-2016-4008", "CVE-2016-4429", "CVE-2016-4472", "CVE-2016-4483", "CVE-2016-4487", "CVE-2016-4488", "CVE-2016-4489", "CVE-2016-4490", "CVE-2016-4491", "CVE-2016-4492", "CVE-2016-4493", "CVE-2016-4984", "CVE-2016-5300", "CVE-2016-6153", "CVE-2016-6261", "CVE-2016-6262", "CVE-2016-8615", "CVE-2016-8616", "CVE-2016-8617", "CVE-2016-8618", "CVE-2016-8619", "CVE-2016-8621", "CVE-2016-8623", "CVE-2016-8624", "CVE-2016-8625", "CVE-2016-9074", "CVE-2016-9318", "CVE-2016-9574", "CVE-2016-9586", "CVE-2017-1000100", "CVE-2017-1000254", "CVE-2017-10140", "CVE-2017-10684", "CVE-2017-10685", "CVE-2017-10790", "CVE-2017-10989", "CVE-2017-11112", "CVE-2017-11113", "CVE-2017-11164", "CVE-2017-11462", "CVE-2017-13685", "CVE-2017-13728", "CVE-2017-13729", "CVE-2017-13730", "CVE-2017-13731", "CVE-2017-13732", "CVE-2017-13733", "CVE-2017-13734", "CVE-2017-14062", "CVE-2017-15088", "CVE-2017-15286", "CVE-2017-15671", "CVE-2017-16879", "CVE-2017-16931", "CVE-2017-16932", "CVE-2017-18018", "CVE-2017-6004", "CVE-2017-6891", "CVE-2017-7000", "CVE-2017-7244", "CVE-2017-7245", "CVE-2017-7246", "CVE-2017-7407", "CVE-2017-7500", "CVE-2017-7501", "CVE-2017-7526", "CVE-2017-7607", "CVE-2017-7608", "CVE-2017-7609", "CVE-2017-7610", "CVE-2017-7611", "CVE-2017-7612", "CVE-2017-7613", "CVE-2017-7781", "CVE-2017-8817", "CVE-2017-9233", "CVE-2018-12700", "CVE-2018-14041", "CVE-2018-14404", "CVE-2018-14567", "CVE-2018-16429", "CVE-2018-16435", "CVE-2018-17101", "CVE-2018-18074", "CVE-2018-18508", "CVE-2018-20483", "CVE-2018-20676", "CVE-2018-20677", "CVE-2018-25009", "CVE-2018-25010", "CVE-2018-25012", "CVE-2018-25013", "CVE-2018-25014", "CVE-2018-3721", "CVE-2018-6003", "CVE-2018-8740", "CVE-2018-9234", "CVE-2019-1010266", "CVE-2019-10219", "CVE-2019-11358", "CVE-2019-13012", "CVE-2019-13050", "CVE-2019-13057", "CVE-2019-13115", "CVE-2019-13117", "CVE-2019-13565", "CVE-2019-13750", "CVE-2019-13751", "CVE-2019-13752", "CVE-2019-13753", "CVE-2019-1563", "CVE-2019-17594", "CVE-2019-17595", "CVE-2019-18218", "CVE-2019-18276", "CVE-2019-18874", "CVE-2019-19603", "CVE-2019-19645", "CVE-2019-19880", "CVE-2019-19906", "CVE-2019-19924", "CVE-2019-19956", "CVE-2019-20218", "CVE-2019-20387", "CVE-2019-20388", "CVE-2019-20838", "CVE-2019-2708", "CVE-2019-3859", "CVE-2019-3860", "CVE-2019-5827", "CVE-2019-8331", "CVE-2019-8457", "CVE-2019-9169", "CVE-2019-9633", "CVE-2019-9924", "CVE-2020-10001", "CVE-2020-11022", "CVE-2020-11023", "CVE-2020-12399", "CVE-2020-12762", "CVE-2020-13435", "CVE-2020-13558", "CVE-2020-13631", "CVE-2020-13645", "CVE-2020-13956", "CVE-2020-14145", "CVE-2020-14155", "CVE-2020-15719", "CVE-2020-16135", "CVE-2020-1752", "CVE-2020-1968", "CVE-2020-24025", "CVE-2020-24370", "CVE-2020-24870", "CVE-2020-24977", "CVE-2020-25219", "CVE-2020-25709", "CVE-2020-25710", "CVE-2020-26154", "CVE-2020-27828", "CVE-2020-27918", "CVE-2020-28168", "CVE-2020-28196", "CVE-2020-28498", "CVE-2020-29361", "CVE-2020-29362", "CVE-2020-29623", "CVE-2020-35448", "CVE-2020-35492", "CVE-2020-36221", "CVE-2020-36222", "CVE-2020-36223", "CVE-2020-36224", "CVE-2020-36225", "CVE-2020-36226", "CVE-2020-36227", "CVE-2020-36228", "CVE-2020-36229", "CVE-2020-36230", "CVE-2020-36241", "CVE-2020-36330", "CVE-2020-36331", "CVE-2020-36332", "CVE-2020-7595", "CVE-2020-7751", "CVE-2020-7768", "CVE-2020-7774", "CVE-2020-8285", "CVE-2020-8908", "CVE-2021-1788", "CVE-2021-1789", "CVE-2021-1799", "CVE-2021-1801", "CVE-2021-1844", "CVE-2021-1870", "CVE-2021-1871", "CVE-2021-20231", "CVE-2021-20232", "CVE-2021-20266", "CVE-2021-20270", "CVE-2021-20284", "CVE-2021-21775", "CVE-2021-21779", "CVE-2021-21806", "CVE-2021-22876", "CVE-2021-22898", "CVE-2021-22922", "CVE-2021-22923", "CVE-2021-22924", "CVE-2021-22925", "CVE-2021-22930", "CVE-2021-22931", "CVE-2021-22939", "CVE-2021-22940", "CVE-2021-22946", "CVE-2021-22947", "CVE-2021-23358", "CVE-2021-23440", "CVE-2021-23840", "CVE-2021-26690", "CVE-2021-26691", "CVE-2021-26926", "CVE-2021-26927", "CVE-2021-27212", "CVE-2021-27291", "CVE-2021-27645", "CVE-2021-28092", "CVE-2021-28153", "CVE-2021-28650", "CVE-2021-28957", "CVE-2021-29059", "CVE-2021-29425", "CVE-2021-29921", "CVE-2021-30641", "CVE-2021-30663", "CVE-2021-30665", "CVE-2021-30682", "CVE-2021-30689", "CVE-2021-30720", "CVE-2021-30734", "CVE-2021-30744", "CVE-2021-30749", "CVE-2021-30758", "CVE-2021-30795", "CVE-2021-30797", "CVE-2021-30799", "CVE-2021-3115", "CVE-2021-31535", "CVE-2021-3200", "CVE-2021-32838", "CVE-2021-33503", "CVE-2021-33560", "CVE-2021-33574", "CVE-2021-33928", "CVE-2021-33929", "CVE-2021-33930", "CVE-2021-33938", "CVE-2021-3426", "CVE-2021-3445", "CVE-2021-3516", "CVE-2021-3517", "CVE-2021-3518", "CVE-2021-3520", "CVE-2021-3537", "CVE-2021-35550", "CVE-2021-35556", "CVE-2021-35559", "CVE-2021-35561", "CVE-2021-35564", "CVE-2021-35565", "CVE-2021-35567", "CVE-2021-35578", "CVE-2021-35586", "CVE-2021-35588", "CVE-2021-35603", "CVE-2021-3572", "CVE-2021-35942", "CVE-2021-3601", "CVE-2021-36085", "CVE-2021-36086", "CVE-2021-36087", "CVE-2021-36159", "CVE-2021-36222", "CVE-2021-3672", "CVE-2021-3711", "CVE-2021-37136", "CVE-2021-37137", "CVE-2021-3765", "CVE-2021-37714", "CVE-2021-37750", "CVE-2021-3778", "CVE-2021-3795", "CVE-2021-3796", "CVE-2021-38185", "CVE-2021-40438", "CVE-2021-41182", "CVE-2021-41183", "CVE-2021-41184", "CVE-2021-42374", "CVE-2021-42375", "CVE-2021-42378", "CVE-2021-42379", "CVE-2021-42380", "CVE-2021-42381", "CVE-2021-42382", "CVE-2021-42383", "CVE-2021-42384", "CVE-2021-42385", "CVE-2021-42386", "CVE-2021-42574", "CVE-2021-42771"], "modified": "2022-01-28T10:19:34", "id": "97D5F772EC68BDCD260FBB9DFB7A322AAAC657E9360305DF11F9C6A6A40D1B85", "href": "https://www.ibm.com/support/pages/node/6551876", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "redhat": [{"lastseen": "2022-07-01T22:08:30", "description": "Red Hat AMQ Streams, based on the Apache Kafka project, offers a distributed backbone that allows microservices and other applications to share data with extremely high throughput and extremely low latency. \n\nThis release of Red Hat AMQ Streams 2.0.0 serves as a replacement for Red Hat AMQ Streams 1.8.4, and includes security and bug fixes, and enhancements.\n\nSecurity Fix(es):\n\n* jetty: crafted URIs allow bypassing security constraints (CVE-2021-34429)\n\n* netty-codec: Bzip2Decoder doesn't allow setting size restrictions for decompressed data (CVE-2021-37136)\n\n* netty-codec: SnappyFrameDecoder doesn't restrict chunk length and may buffer skippable chunks in an unnecessary way (CVE-2021-37137)\n\n* Kafka: Timing Attack Vulnerability for Apache Kafka Connect and Clients (CVE-2021-38153)\n\n* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-01-13T08:24:32", "type": "redhat", "title": "(RHSA-2022:0138) Moderate: Red Hat AMQ Streams 2.0.0 release and security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.5, "vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-34429", "CVE-2021-37136", "CVE-2021-37137", "CVE-2021-38153", "CVE-2021-44832"], "modified": "2022-01-13T08:25:28", "id": "RHSA-2022:0138", "href": "https://access.redhat.com/errata/RHSA-2022:0138", "cvss": {"score": 8.5, "vector": "AV:N/AC:M/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2021-11-30T10:38:00", "description": "AMQ Broker is a high-performance messaging implementation based on ActiveMQ Artemis. It uses an asynchronous journal for fast message persistence, and supports multiple languages, protocols, and platforms. \n\nThis release of Red Hat AMQ Broker 7.9.1 serves as a replacement for Red Hat AMQ Broker 7.9.0, and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.\n\nSecurity Fix(es):\n\n* netty-codec: Bzip2Decoder doesn't allow setting size restrictions for decompressed data (CVE-2021-37136)\n\n* netty-codec: SnappyFrameDecoder doesn't restrict chunk length and may buffer skippable chunks in an unnecessary way (CVE-2021-37137)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2021-11-30T08:40:21", "type": "redhat", "title": "(RHSA-2021:4851) Low: Red Hat AMQ Broker 7.9.1 release and security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-37136", "CVE-2021-37137"], "modified": "2021-11-30T08:41:12", "id": "RHSA-2021:4851", "href": "https://access.redhat.com/errata/RHSA-2021:4851", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-11-26T18:37:33", "description": "This release of Red Hat build of Eclipse Vert.x 4.1.5 includes security updates, bug fixes, and enhancements. For more information, see the release notes listed in the References section.\n\nSecurity Fix(es):\n\n* netty-codec: Bzip2Decoder doesn't allow setting size restrictions for decompressed data (CVE-2021-37136)\n* netty-codec: SnappyFrameDecoder doesn't restrict chunk length and may buffer skippable chunks in an unnecessary way (CVE-2021-37137)\n\nFor more details about the security issues and their impact, the CVSS score, acknowledgements, and other related information, see the CVE pages listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2021-11-10T16:37:03", "type": "redhat", "title": "(RHSA-2021:3959) Moderate: Red Hat build of Eclipse Vert.x 4.1.5 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-37136", "CVE-2021-37137"], "modified": "2021-11-10T16:37:26", "id": "RHSA-2021:3959", "href": "https://access.redhat.com/errata/RHSA-2021:3959", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-03-22T15:55:23", "description": "Red Hat Integration - Camel Extensions for Quarkus 2.2.1 serves as a replacement for 2.2 and includes the following security Fix(es):\n\nSecurity Fix(es):\n\n* cron-utils: template Injection leading to unauthenticated Remote Code Execution (CVE-2021-41269)\n\n* maven: Block repositories using http by default (CVE-2021-26291)\n\n* bouncycastle: Timing issue within the EC math library (CVE-2020-15522)\n\n* mysql-connector-java: unauthorized access to critical (CVE-2021-2471)\n\n* kubernetes-client: Insecure deserialization in unmarshalYaml method (CVE-2021-4178)\n\n* protobuf-java: potential DoS in the parsing procedure for binary data (CVE-2021-22569)\n\n* jersey: Local information disclosure via system temporary directory (CVE-2021-28168)\n\n* jakarta-el: ELParserTokenManager enables invalid EL expressions to be evaluate (CVE-2021-28170)\n\n* mina-sshd-core: Memory leak denial of service in Apache Mina SSHD Server (CVE-2021-30129)\n\n* netty-codec: Bzip2Decoder doesn't allow setting size restrictions for decompressed data (CVE-2021-37136)\n\n* netty-codec: SnappyFrameDecoder doesn't restrict chunk length and may buffer skippable chunks in an unnecessary way (CVE-2021-37137)\n\n* xml-security: XPath Transform abuse allows for information disclosure (CVE-2021-40690)\n\n* h2: Remote Code Execution in Console (CVE-2021-42392)\n\n* guava: local information disclosure via temporary directory created with unsafe permissions (CVE-2020-8908)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2022-03-22T15:30:19", "type": "redhat", "title": "(RHSA-2022:1013) Moderate: Red Hat Integration Camel Extensions for Quarkus 2.2.1 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-15522", "CVE-2020-8908", "CVE-2021-22569", "CVE-2021-2471", "CVE-2021-26291", "CVE-2021-28168", "CVE-2021-28170", "CVE-2021-30129", "CVE-2021-37136", "CVE-2021-37137", "CVE-2021-40690", "CVE-2021-41269", "CVE-2021-4178", "CVE-2021-42392"], "modified": "2022-03-22T15:30:29", "id": "RHSA-2022:1013", "href": "https://access.redhat.com/errata/RHSA-2022:1013", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-08-04T05:59:15", "description": "Red Hat Process Automation Manager is an open source business process management suite that combines process management and decision service management and enables business and IT users to create, manage, validate, and deploy process applications and decision services.\n\nThis asynchronous security patch is an update to Red Hat Process Automation Manager 7.\n\nSecurity Fix(es):\n\n* com.google.code.gson-gson: Deserialization of Untrusted Data in com.google.code.gson-gson (CVE-2022-25647)\n\n* jsoup: Crafted input may cause the jsoup HTML and XML parser to get stuck (CVE-2021-37714)\n\n* netty-codec: Bzip2Decoder doesn't allow setting size restrictions for decompressed data (CVE-2021-37136)\n\n* netty-codec: SnappyFrameDecoder doesn't restrict chunk length and may buffer skippable chunks in an unnecessary way (CVE-2021-37137)\n\n* protobuf-java: potential DoS in the parsing procedure for binary data (CVE-2021-22569)\n\n* spring-expression: Denial of service via specially crafted SpEL expression (CVE-2022-22950)\n\n* wildfly-elytron: possible timing attack in ScramServer (CVE-2021-3642)\n\n* wildfly: incorrect JBOSS_LOCAL_USER challenge location may lead to giving access to all the local users (CVE-2021-3717)\n\n* ant: excessive memory allocation when reading a specially crafted TAR archive (CVE-2021-36373)\n\n* mysql-connector-java: unauthorized access to critical (CVE-2021-2471)\n\n* netty: control chars in header names may lead to HTTP request smuggling (CVE-2021-43797)\n\n* wildfly-core: Invalid Sensitivity Classification of Vault Expression (CVE-2021-3644)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-08-04T04:17:59", "type": "redhat", "title": "(RHSA-2022:5903) Moderate: Red Hat Process Automation Manager 7.13.0 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.9, "vectorString": "AV:N/AC:M/Au:S/C:C/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 9.2, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-22569", "CVE-2021-2471", "CVE-2021-36373", "CVE-2021-3642", "CVE-2021-3644", "CVE-2021-37136", "CVE-2021-37137", "CVE-2021-3717", "CVE-2021-37714", "CVE-2021-43797", "CVE-2022-22950", "CVE-2022-25647"], "modified": "2022-08-04T04:18:35", "id": "RHSA-2022:5903", "href": "https://access.redhat.com/errata/RHSA-2022:5903", "cvss": {"score": 7.9, "vector": "AV:N/AC:M/Au:S/C:C/I:N/A:C"}}, {"lastseen": "2022-03-31T14:23:00", "description": "This release of Red Hat build of Eclipse Vert.x 4.2.5 GA includes security updates. For more information, see the release notes listed in the References section.\n\nSecurity Fix(es):\n\n* kafka: Timing Attack Vulnerability for Apache Kafka Connect and Clients (CVE-2021-38153)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.9, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-03-31T11:11:24", "type": "redhat", "title": "(RHSA-2022:0737) Moderate: Red Hat build of Eclipse Vert.x 4.2.5 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-38153"], "modified": "2022-03-31T11:11:40", "id": "RHSA-2022:0737", "href": "https://access.redhat.com/errata/RHSA-2022:0737", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-02-09T17:31:28", "description": "This release of Red Hat Integration - Service registry 2.0.3.GA serves as a replacement for 2.0.2.GA, and includes the below security fixes.\n\nSecurity Fix(es):\n\n* kafka-clients: Kafka: Timing Attack Vulnerability for Apache Kafka Connect and Clients (CVE-2021-38153)\n\n* xmlsec: xml-security: XPath Transform abuse allows for information disclosure (CVE-2021-40690)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2022-02-09T16:10:06", "type": "redhat", "title": "(RHSA-2022:0501) Moderate: Red Hat Integration - Service Registry release and security update [2.0.3.GA]", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-38153", "CVE-2021-40690"], "modified": "2022-02-09T16:10:29", "id": "RHSA-2022:0501", "href": "https://access.redhat.com/errata/RHSA-2022:0501", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-01-20T19:30:41", "description": "Red Hat AMQ Streams, based on the Apache Kafka project, offers a distributed backbone that allows microservices and other applications to share data with extremely high throughput and extremely low latency. \n\nThis release of Red Hat AMQ Streams 1.6.6 serves as a replacement for Red Hat AMQ Streams 1.6.5, and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.\n\nSecurity Fix(es):\n\n* Kafka: Timing Attack Vulnerability for Apache Kafka Connect and Clients (CVE-2021-38153)\n\n* log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern (CVE-2021-45105)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.9, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2022-01-20T18:15:15", "type": "redhat", "title": "(RHSA-2022:0219) Moderate: Red Hat AMQ Streams 1.6.6 release and security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-38153", "CVE-2021-45105"], "modified": "2022-01-20T18:16:09", "id": "RHSA-2022:0219", "href": "https://access.redhat.com/errata/RHSA-2022:0219", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-07-19T15:43:28", "description": "Red Hat Integration - Camel Extensions for Quarkus 2.7 serves as a replacement for 2.2.1 and includes the following security Fix(es):\n\nSecurity Fix(es):\n\n* hadoop: WebHDFS client might send SPNEGO authorization header (CVE-2020-9492)\n\n* lz4: memory corruption due to an integer overflow bug caused by memmove argument (CVE-2021-3520)\n\n* elasticsearch: executing async search improperly stores HTTP headers leading to information disclosure (CVE-2021-22132)\n\n* jsoup: Crafted input may cause the jsoup HTML and XML parser to get stuck (CVE-2021-37714)\n\n* Kafka: Timing Attack Vulnerability for Apache Kafka Connect and Clients (CVE-2021-38153)\n\n* xstream: Injecting highly recursive collections or maps can cause a DoS (CVE-2021-43859)\n\n* quarkus: privilege escalation vulnerability with RestEasy Reactive scope leakage in Quarkus (CVE-2022-0981)\n\n* elasticsearch: Document disclosure flaw in the Elasticsearch suggester (CVE-2021-22135)\n\n* elasticsearch: Document disclosure flaw when Document or Field Level Security is used (CVE-2021-22137)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-07-19T13:36:43", "type": "redhat", "title": "(RHSA-2022:5606) Moderate: Red Hat Integration Camel Extensions for Quarkus 2.7 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-9492", "CVE-2021-22132", "CVE-2021-22135", "CVE-2021-22137", "CVE-2021-3520", "CVE-2021-37714", "CVE-2021-38153", "CVE-2021-43859", "CVE-2022-0981"], "modified": "2022-07-19T13:36:53", "id": "RHSA-2022:5606", "href": "https://access.redhat.com/errata/RHSA-2022:5606", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-05-12T14:57:00", "description": "Red Hat Data Grid is an in-memory, distributed, NoSQL datastore solution. It increases application response times and allows for dramatically improving performance while providing availability, reliability, and elastic scale.\n \nData Grid 8.3.1 replaces Data Grid 8.3.0 and includes bug fixes and enhancements. Find out more about Data Grid 8.3.1 in the Release Notes[3].\n\nSecurity Fix(es):\n\n* jackson-databind: denial of service via a large depth of nested objects [jdg-8] (CVE-2020-36518)\n\n* kafka-clients: Kafka: Timing Attack Vulnerability for Apache Kafka Connect and Clients [jdg-8] (CVE-2021-38153)\n\n* xnio: org.xnio.StreamConnection.notifyReadClosed log to debug instead of stderr [jdg-8] (CVE-2022-0084)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-05-12T11:53:59", "type": "redhat", "title": "(RHSA-2022:2232) Moderate: Red Hat Data Grid 8.3.1 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-36518", "CVE-2021-38153", "CVE-2022-0084"], "modified": "2022-05-12T11:54:10", "id": "RHSA-2022:2232", "href": "https://access.redhat.com/errata/RHSA-2022:2232", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-04-14T19:29:11", "description": "Red Hat AMQ Streams, based on the Apache Kafka project, offers a distributed backbone that allows microservices and other applications to share data with extremely high throughput and extremely low latency. \n\nThis release of Red Hat AMQ Streams 2.0.1 serves as a replacement for Red Hat AMQ Streams 2.0.0, and includes security and bug fixes, and enhancements.\n\nSecurity Fix(es):\n\n* log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender (CVE-2022-23305)\n\n* log4j: Unsafe deserialization flaw in Chainsaw log viewer (CVE-2022-23307)\n\n* kubernetes-client: Insecure deserialization in unmarshalYaml method (CVE-2021-4178)\n\n* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink (CVE-2022-23302)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-02-08T13:46:22", "type": "redhat", "title": "(RHSA-2022:0469) Important: Red Hat AMQ Streams 2.0.1 release and security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4178", "CVE-2022-23302", "CVE-2022-23305", "CVE-2022-23307"], "modified": "2022-02-08T13:47:22", "id": "RHSA-2022:0469", "href": "https://access.redhat.com/errata/RHSA-2022:0469", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2022-06-08T21:59:49", "description": "This release of Red Hat JBoss Enterprise Application Platform 7.3.9 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.8, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.9 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* undertow: buffer leak on incoming websocket PONG message may lead to DoS (CVE-2021-3690)\n\n* undertow: HTTP2SourceChannel fails to write final frame under some circumstances may lead to DoS (CVE-2021-3597)\n\n* jakarta-el: ELParserTokenManager enables invalid EL expressions to be evaluate (CVE-2021-28170)\n\n* apache-commons-io: Limited path traversal in Apache Commons IO 2.2 to 2.6 (CVE-2021-29425)\n\n* wildfly-core: Invalid Sensitivity Classification of Vault Expression (CVE-2021-3644)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.9, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-09-08T11:39:02", "type": "redhat", "title": "(RHSA-2021:3467) Important: Red Hat JBoss Enterprise Application Platform 7.3.9 security update on RHEL 7", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-28170", "CVE-2021-29425", "CVE-2021-3597", "CVE-2021-3644", "CVE-2021-3690"], "modified": "2021-09-08T13:04:57", "id": "RHSA-2021:3467", "href": "https://access.redhat.com/errata/RHSA-2021:3467", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2022-06-08T21:57:05", "description": "These are CVE issues filed against XP2 releases that have been fixed in the underlying EAP 7.3.x base, so no changes to the EAP XP2 code base.\n\nSecurity Fix(es):\n\n* undertow: buffer leak on incoming websocket PONG message may lead to DoS (CVE-2021-3690)\n\n* undertow: HTTP2SourceChannel fails to write final frame under some circumstances may lead to DoS (CVE-2021-3597)\n\n* jakarta-el: ELParserTokenManager enables invalid EL expressions to be evaluate (CVE-2021-28170)\n\n* apache-commons-io: Limited path traversal in Apache Commons IO 2.2 to 2.6 (CVE-2021-29425)\n\n* wildfly-core: Invalid Sensitivity Classification of Vault Expression (CVE-2021-3644)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.9, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-09-13T17:30:33", "type": "redhat", "title": "(RHSA-2021:3516) Important: EAP XP 2 security update to CVE fixes in the EAP 7.3.x base", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-28170", "CVE-2021-29425", "CVE-2021-3597", "CVE-2021-3644", "CVE-2021-3690"], "modified": "2021-09-13T17:30:48", "id": "RHSA-2021:3516", "href": "https://access.redhat.com/errata/RHSA-2021:3516", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2022-06-08T21:59:37", "description": "This release of Red Hat JBoss Enterprise Application Platform 7.3.9 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.8, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.9 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* undertow: buffer leak on incoming websocket PONG message may lead to DoS (CVE-2021-3690)\n\n* undertow: HTTP2SourceChannel fails to write final frame under some circumstances may lead to DoS (CVE-2021-3597)\n\n* jakarta-el: ELParserTokenManager enables invalid EL expressions to be evaluate (CVE-2021-28170)\n\n* apache-commons-io: Limited path traversal in Apache Commons IO 2.2 to 2.6 (CVE-2021-29425)\n\n* wildfly-core: Invalid Sensitivity Classification of Vault Expression (CVE-2021-3644)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.9, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-09-08T11:38:57", "type": "redhat", "title": "(RHSA-2021:3466) Important: Red Hat JBoss Enterprise Application Platform 7.3.9 security update on RHEL 6", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-28170", "CVE-2021-29425", "CVE-2021-3597", "CVE-2021-3644", "CVE-2021-3690"], "modified": "2021-09-08T13:04:49", "id": "RHSA-2021:3466", "href": "https://access.redhat.com/errata/RHSA-2021:3466", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2022-06-08T21:59:17", "description": "This release of Red Hat JBoss Enterprise Application Platform 7.3.9 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.8, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.9 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* undertow: buffer leak on incoming websocket PONG message may lead to DoS (CVE-2021-3690)\n\n* undertow: HTTP2SourceChannel fails to write final frame under some circumstances may lead to DoS (CVE-2021-3597)\n\n* jakarta-el: ELParserTokenManager enables invalid EL expressions to be evaluate (CVE-2021-28170)\n\n* apache-commons-io: Limited path traversal in Apache Commons IO 2.2 to 2.6 (CVE-2021-29425)\n\n* wildfly-core: Invalid Sensitivity Classification of Vault Expression (CVE-2021-3644)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.9, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-09-08T11:39:05", "type": "redhat", "title": "(RHSA-2021:3468) Important: Red Hat JBoss Enterprise Application Platform 7.3.9 security update on RHEL 8", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-28170", "CVE-2021-29425", "CVE-2021-3597", "CVE-2021-3644", "CVE-2021-3690"], "modified": "2021-09-08T14:38:21", "id": "RHSA-2021:3468", "href": "https://access.redhat.com/errata/RHSA-2021:3468", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2022-06-08T21:58:27", "description": "This release of Red Hat JBoss Enterprise Application Platform 7.3.9 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.8, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.9 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* undertow: buffer leak on incoming websocket PONG message may lead to DoS (CVE-2021-3690)\n\n* undertow: HTTP2SourceChannel fails to write final frame under some circumstances may lead to DoS (CVE-2021-3597)\n\n* jakarta-el: ELParserTokenManager enables invalid EL expressions to be evaluate (CVE-2021-28170)\n\n* apache-commons-io: Limited path traversal in Apache Commons IO 2.2 to 2.6 (CVE-2021-29425)\n\n* wildfly-core: Invalid Sensitivity Classification of Vault Expression (CVE-2021-3644)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.9, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-09-08T11:48:32", "type": "redhat", "title": "(RHSA-2021:3471) Important: Red Hat JBoss Enterprise Application Platform 7.3.9 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-28170", "CVE-2021-29425", "CVE-2021-3597", "CVE-2021-3644", "CVE-2021-3690"], "modified": "2021-09-08T13:02:30", "id": "RHSA-2021:3471", "href": "https://access.redhat.com/errata/RHSA-2021:3471", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2022-06-09T18:18:12", "description": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.4.2 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.1, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.2 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* undertow: potential security issue in flow control over HTTP/2 may lead to DOS (CVE-2021-3629)\n\n* wildfly: incorrect JBOSS_LOCAL_USER challenge location may lead to giving access to all the local users (CVE-2021-3717)\n\n* mina-sshd-core: Memory leak denial of service in Apache Mina SSHD Server (CVE-2021-30129)\n\n* jsoup: Crafted input may cause the jsoup HTML and XML parser to get stuck (CVE-2021-37714)\n\n* resteasy: Error message exposes endpoint class information (CVE-2021-20289)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-11-15T17:02:24", "type": "redhat", "title": "(RHSA-2021:4679) Moderate: Red Hat JBoss Enterprise Application Platform 7.4.2 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-20289", "CVE-2021-30129", "CVE-2021-3629", "CVE-2021-3717", "CVE-2021-37714"], "modified": "2021-11-15T17:02:46", "id": "RHSA-2021:4679", "href": "https://access.redhat.com/errata/RHSA-2021:4679", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-06-09T18:16:49", "description": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.4.2 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.1, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.2 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* undertow: potential security issue in flow control over HTTP/2 may lead to DOS (CVE-2021-3629)\n\n* wildfly: incorrect JBOSS_LOCAL_USER challenge location may lead to giving access to all the local users (CVE-2021-3717)\n\n* mina-sshd-core: Memory leak denial of service in Apache Mina SSHD Server (CVE-2021-30129)\n\n* jsoup: Crafted input may cause the jsoup HTML and XML parser to get stuck (CVE-2021-37714)\n\n* resteasy: Error message exposes endpoint class information (CVE-2021-20289)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-11-15T16:54:31", "type": "redhat", "title": "(RHSA-2021:4677) Moderate: Red Hat JBoss Enterprise Application Platform 7.4.2 security update on RHEL 8", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-20289", "CVE-2021-30129", "CVE-2021-3629", "CVE-2021-3717", "CVE-2021-37714"], "modified": "2021-11-15T16:56:58", "id": "RHSA-2021:4677", "href": "https://access.redhat.com/errata/RHSA-2021:4677", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-06-09T18:14:05", "description": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.4.2 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.1, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.2 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* undertow: potential security issue in flow control over HTTP/2 may lead to DOS (CVE-2021-3629)\n\n* wildfly: incorrect JBOSS_LOCAL_USER challenge location may lead to giving access to all the local users (CVE-2021-3717)\n\n* mina-sshd-core: Memory leak denial of service in Apache Mina SSHD Server (CVE-2021-30129)\n\n* jsoup: Crafted input may cause the jsoup HTML and XML parser to get stuck (CVE-2021-37714)\n\n* resteasy: Error message exposes endpoint class information (CVE-2021-20289)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-11-15T16:54:28", "type": "redhat", "title": "(RHSA-2021:4676) Moderate: Red Hat JBoss Enterprise Application Platform 7.4.2 security update on RHEL 7", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-20289", "CVE-2021-30129", "CVE-2021-3629", "CVE-2021-3717", "CVE-2021-37714"], "modified": "2021-11-15T16:57:15", "id": "RHSA-2021:4676", "href": "https://access.redhat.com/errata/RHSA-2021:4676", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-06-06T17:00:07", "description": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.4.5 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.4 and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.5 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* h2: Loading of custom classes from remote servers through JNDI (CVE-2022-23221)\n\n* jackson-databind: denial of service via a large depth of nested objects (CVE-2020-36518)\n\n* netty-codec: Bzip2Decoder doesn't allow setting size restrictions for decompressed data (CVE-2021-37136)\n\n* netty-codec: SnappyFrameDecoder doesn't restrict chunk length and may buffer skippable chunks in an unnecessary way (CVE-2021-37137)\n\n* h2: Remote Code Execution in Console (CVE-2021-42392)\n\n* netty: control chars in header names may lead to HTTP request smuggling (CVE-2021-43797)\n\n* xnio: org.xnio.StreamConnection.notifyReadClosed log to debug instead of stderr (CVE-2022-0084)\n\n* wildfly: Wildfly management of EJB Session context returns wrong caller principal with Elytron Security enabled (CVE-2022-0866)\n\n* undertow: Double AJP response for 400 from EAP 7 results in CPING failures (CVE-2022-1319)\n\n* OpenJDK: Infinite loop related to incorrect handling of newlines in XMLEntityScanner (JAXP, 8270646) (CVE-2022-21299)\n\n* mysql-connector-java: Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors (CVE-2022-21363)\n\n* xerces-j2: infinite loop when handling specially crafted XML document payloads (CVE-2022-23437)\n\n* artemis-commons: Apache ActiveMQ Artemis DoS (CVE-2022-23913)\n\n* Moment.js: Path traversal in moment.locale (CVE-2022-24785)\n\n* jboss-client: memory leakage in remote client transaction (CVE-2022-0853)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-06-06T15:07:26", "type": "redhat", "title": "(RHSA-2022:4922) Moderate: Red Hat JBoss Enterprise Application Platform 7.4.5 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-36518", "CVE-2021-37136", "CVE-2021-37137", "CVE-2021-42392", "CVE-2021-43797", "CVE-2022-0084", "CVE-2022-0853", "CVE-2022-0866", "CVE-2022-1319", "CVE-2022-21299", "CVE-2022-21363", "CVE-2022-23221", "CVE-2022-23437", "CVE-2022-23913", "CVE-2022-24785"], "modified": "2022-06-06T15:07:42", "id": "RHSA-2022:4922", "href": "https://access.redhat.com/errata/RHSA-2022:4922", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-06T17:06:08", "description": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.4.5 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.4 and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.5 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* h2: Loading of custom classes from remote servers through JNDI (CVE-2022-23221)\n\n* jackson-databind: denial of service via a large depth of nested objects (CVE-2020-36518)\n\n* netty-codec: Bzip2Decoder doesn't allow setting size restrictions for decompressed data (CVE-2021-37136)\n\n* netty-codec: SnappyFrameDecoder doesn't restrict chunk length and may buffer skippable chunks in an unnecessary way (CVE-2021-37137)\n\n* h2: Remote Code Execution in Console (CVE-2021-42392)\n\n* netty: control chars in header names may lead to HTTP request smuggling (CVE-2021-43797)\n\n* xnio: org.xnio.StreamConnection.notifyReadClosed log to debug instead of stderr (CVE-2022-0084)\n\n* wildfly: Wildfly management of EJB Session context returns wrong caller principal with Elytron Security enabled (CVE-2022-0866)\n\n* undertow: Double AJP response for 400 from EAP 7 results in CPING failures (CVE-2022-1319)\n\n* OpenJDK: Infinite loop related to incorrect handling of newlines in XMLEntityScanner (JAXP, 8270646) (CVE-2022-21299)\n\n* mysql-connector-java: Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors (CVE-2022-21363)\n\n* xerces-j2: infinite loop when handling specially crafted XML document payloads (CVE-2022-23437)\n\n* artemis-commons: Apache ActiveMQ Artemis DoS (CVE-2022-23913)\n\n* Moment.js: Path traversal in moment.locale (CVE-2022-24785)\n\n* jboss-client: memory leakage in remote client transaction (CVE-2022-0853)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-06-06T14:31:15", "type": "redhat", "title": "(RHSA-2022:4918) Moderate: Red Hat JBoss Enterprise Application Platform 7.4.5 security update on RHEL 7", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-36518", "CVE-2021-37136", "CVE-2021-37137", "CVE-2021-42392", "CVE-2021-43797", "CVE-2022-0084", "CVE-2022-0853", "CVE-2022-0866", "CVE-2022-1319", "CVE-2022-21299", "CVE-2022-21363", "CVE-2022-23221", "CVE-2022-23437", "CVE-2022-23913", "CVE-2022-24785"], "modified": "2022-06-06T14:49:25", "id": "RHSA-2022:4918", "href": "https://access.redhat.com/errata/RHSA-2022:4918", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-08-11T23:59:40", "description": "Logging Subsystem 5.4.1 - Red Hat OpenShift\n\nSecurity Fix(es):\n\n* netty-codec: Bzip2Decoder doesn't allow setting size restrictions for decompressed data (CVE-2021-37136)\n\n* netty-codec: SnappyFrameDecoder doesn't restrict chunk length and may buffer skippable chunks in an unnecessary way (CVE-2021-37137)\n\n* netty: control chars in header names may lead to HTTP request smuggling (CVE-2021-43797)\n\n* prometheus/client_golang: Denial of service using InstrumentHandlerCounter (CVE-2022-21698)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-05-11T18:39:10", "type": "redhat", "title": "(RHSA-2022:2216) Moderate: Red Hat OpenShift Logging Security and Bug update Release 5.4.1", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-25032", "CVE-2021-37136", "CVE-2021-37137", "CVE-2021-4028", "CVE-2021-43797", "CVE-2022-0778", "CVE-2022-1154", "CVE-2022-1271", "CVE-2022-21426", "CVE-2022-21434", "CVE-2022-21443", "CVE-2022-21476", "CVE-2022-21496", "CVE-2022-21698", "CVE-2022-25636"], "modified": "2022-05-11T18:40:22", "id": "RHSA-2022:2216", "href": "https://access.redhat.com/errata/RHSA-2022:2216", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-06T17:03:21", "description": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.4.5 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.4 and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.5 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* h2: Loading of custom classes from remote servers through JNDI (CVE-2022-23221)\n\n* jackson-databind: denial of service via a large depth of nested objects (CVE-2020-36518)\n\n* netty-codec: Bzip2Decoder doesn't allow setting size restrictions for decompressed data (CVE-2021-37136)\n\n* netty-codec: SnappyFrameDecoder doesn't restrict chunk length and may buffer skippable chunks in an unnecessary way (CVE-2021-37137)\n\n* h2: Remote Code Execution in Console (CVE-2021-42392)\n\n* netty: control chars in header names may lead to HTTP request smuggling (CVE-2021-43797)\n\n* xnio: org.xnio.StreamConnection.notifyReadClosed log to debug instead of stderr (CVE-2022-0084)\n\n* wildfly: Wildfly management of EJB Session context returns wrong caller principal with Elytron Security enabled (CVE-2022-0866)\n\n* undertow: Double AJP response for 400 from EAP 7 results in CPING failures (CVE-2022-1319)\n\n* OpenJDK: Infinite loop related to incorrect handling of newlines in XMLEntityScanner (JAXP, 8270646) (CVE-2022-21299)\n\n* mysql-connector-java: Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors (CVE-2022-21363)\n\n* xerces-j2: infinite loop when handling specially crafted XML document payloads (CVE-2022-23437)\n\n* artemis-commons: Apache ActiveMQ Artemis DoS (CVE-2022-23913)\n\n* Moment.js: Path traversal in moment.locale (CVE-2022-24785)\n\n* jboss-client: memory leakage in remote client transaction (CVE-2022-0853)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-06-06T14:31:32", "type": "redhat", "title": "(RHSA-2022:4919) Moderate: Red Hat JBoss Enterprise Application Platform 7.4.5 security update on RHEL 8", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-36518", "CVE-2021-37136", "CVE-2021-37137", "CVE-2021-42392", "CVE-2021-43797", "CVE-2022-0084", "CVE-2022-0853", "CVE-2022-0866", "CVE-2022-1319", "CVE-2022-21299", "CVE-2022-21363", "CVE-2022-23221", "CVE-2022-23437", "CVE-2022-23913", "CVE-2022-24785"], "modified": "2022-06-06T14:49:24", "id": "RHSA-2022:4919", "href": "https://access.redhat.com/errata/RHSA-2022:4919", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-04-14T19:30:26", "description": "Red Hat AMQ Streams, based on the Apache Kafka project, offers a distributed backbone that allows microservices and other applications to share data with extremely high throughput and extremely low latency. \n\nThis release of Red Hat AMQ Streams 1.6.7 serves as a replacement for Red Hat AMQ Streams 1.6.6, and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.\n\nSecurity Fix(es):\n\n* log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender (CVE-2022-23305)\n\n* log4j: Unsafe deserialization flaw in Chainsaw log viewer (CVE-2022-23307)\n\n* kubernetes-client: Insecure deserialization in unmarshalYaml method (CVE-2021-4178)\n\n* log4j-core: remote code execution via JDBC Appender (CVE-2021-44832)\n\n* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink (CVE-2022-23302)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-02-08T12:43:39", "type": "redhat", "title": "(RHSA-2022:0467) Important: Red Hat AMQ Streams 1.6.7 release and security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4178", "CVE-2021-44832", "CVE-2022-23302", "CVE-2022-23305", "CVE-2022-23307"], "modified": "2022-02-08T12:44:29", "id": "RHSA-2022:0467", "href": "https://access.redhat.com/errata/RHSA-2022:0467", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2022-06-09T18:17:27", "description": "This release of Red Hat JBoss Enterprise Application Platform 7.3.10 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.9, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.10 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* undertow: potential security issue in flow control over HTTP/2 may lead to DOS (CVE-2021-3629)\n\n* wildfly-elytron: possible timing attack in ScramServer (CVE-2021-3642)\n\n* wildfly: incorrect JBOSS_LOCAL_USER challenge location may lead to giving access to all the local users (CVE-2021-3717)\n\n* jsoup: Crafted input may cause the jsoup HTML and XML parser to get stuck (CVE-2021-37714)\n\n* xml-security: XPath Transform abuse allows for information disclosure (CVE-2021-40690)\n\n* resteasy: Error message exposes endpoint class information (CVE-2021-20289)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References sec", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-12-15T14:37:22", "type": "redhat", "title": "(RHSA-2021:5154) Moderate: Red Hat JBoss Enterprise Application Platform 7.3.10 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-20289", "CVE-2021-3629", "CVE-2021-3642", "CVE-2021-3717", "CVE-2021-37714", "CVE-2021-40690"], "modified": "2021-12-15T14:37:43", "id": "RHSA-2021:5154", "href": "https://access.redhat.com/errata/RHSA-2021:5154", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-06-09T18:18:31", "description": "This release of Red Hat JBoss Enterprise Application Platform 7.3.10 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.9, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.10 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* undertow: potential security issue in flow control over HTTP/2 may lead to DOS (CVE-2021-3629)\n\n* wildfly-elytron: possible timing attack in ScramServer (CVE-2021-3642)\n\n* wildfly: incorrect JBOSS_LOCAL_USER challenge location may lead to giving access to all the local users (CVE-2021-3717)\n\n* jsoup: Crafted input may cause the jsoup HTML and XML parser to get stuck (CVE-2021-37714)\n\n* xml-security: XPath Transform abuse allows for information disclosure (CVE-2021-40690)\n\n* resteasy: Error message exposes endpoint class information (CVE-2021-20289)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-12-15T14:27:28", "type": "redhat", "title": "(RHSA-2021:5151) Moderate: Red Hat JBoss Enterprise Application Platform 7.3.10 security update on RHEL 8", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-20289", "CVE-2021-3629", "CVE-2021-3642", "CVE-2021-3717", "CVE-2021-37714", "CVE-2021-40690"], "modified": "2021-12-15T14:29:27", "id": "RHSA-2021:5151", "href": "https://access.redhat.com/errata/RHSA-2021:5151", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-06-09T18:14:33", "description": "Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.\n\nThis release of Red Hat Single Sign-On 7.4.10 serves as a replacement for Red Hat Single Sign-On 7.4.9, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* undertow: potential security issue in flow control over HTTP/2 may lead to DOS (CVE-2021-3629)\n\n* wildfly-elytron: possible timing attack in ScramServer (CVE-2021-3642)\n\n* wildfly: incorrect JBOSS_LOCAL_USER challenge location may lead to giving access to all the local users (CVE-2021-3717)\n\n* jsoup: Crafted input may cause the jsoup HTML and XML parser to get stuck (CVE-2021-37714)\n\n* xml-security: XPath Transform abuse allows for information disclosure (CVE-2021-40690)\n\n* resteasy: Error message exposes endpoint class information (CVE-2021-20289)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-12-15T19:04:59", "type": "redhat", "title": "(RHSA-2021:5170) Moderate: Red Hat Single Sign-On 7.4.10 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-20289", "CVE-2021-3629", "CVE-2021-3642", "CVE-2021-3717", "CVE-2021-37714", "CVE-2021-40690"], "modified": "2021-12-15T19:05:09", "id": "RHSA-2021:5170", "href": "https://access.redhat.com/errata/RHSA-2021:5170", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-06-09T18:15:46", "description": "This release of Red Hat JBoss Enterprise Application Platform 7.3.10 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.9, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.10 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* undertow: potential security issue in flow control over HTTP/2 may lead to DOS (CVE-2021-3629)\n\n* wildfly-elytron: possible timing attack in ScramServer (CVE-2021-3642)\n\n* wildfly: incorrect JBOSS_LOCAL_USER challenge location may lead to giving access to all the local users (CVE-2021-3717)\n\n* jsoup: Crafted input may cause the jsoup HTML and XML parser to get stuck (CVE-2021-37714)\n\n* xml-security: XPath Transform abuse allows for information disclosure (CVE-2021-40690)\n\n* resteasy: Error message exposes endpoint class information (CVE-2021-20289)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-12-15T14:24:37", "type": "redhat", "title": "(RHSA-2021:5149) Moderate: Red Hat JBoss Enterprise Application Platform 7.3.10 security update on RHEL 6", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-20289", "CVE-2021-3629", "CVE-2021-3642", "CVE-2021-3717", "CVE-2021-37714", "CVE-2021-40690"], "modified": "2021-12-15T14:27:18", "id": "RHSA-2021:5149", "href": "https://access.redhat.com/errata/RHSA-2021:5149", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-06-09T18:14:41", "description": "This release of Red Hat JBoss Enterprise Application Platform 7.3.10 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.9, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.10 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* undertow: potential security issue in flow control over HTTP/2 may lead to DOS (CVE-2021-3629)\n\n* wildfly-elytron: possible timing attack in ScramServer (CVE-2021-3642)\n\n* wildfly: incorrect JBOSS_LOCAL_USER challenge location may lead to giving access to all the local users (CVE-2021-3717)\n\n* jsoup: Crafted input may cause the jsoup HTML and XML parser to get stuck (CVE-2021-37714)\n\n* xml-security: XPath Transform abuse allows for information disclosure (CVE-2021-40690)\n\n* resteasy: Error message exposes endpoint class information (CVE-2021-20289)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-12-15T14:26:16", "type": "redhat", "title": "(RHSA-2021:5150) Moderate: Red Hat JBoss Enterprise Application Platform 7.3.10 security update on RHEL 7", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-20289", "CVE-2021-3629", "CVE-2021-3642", "CVE-2021-3717", "CVE-2021-37714", "CVE-2021-40690"], "modified": "2021-12-15T14:27:22", "id": "RHSA-2021:5150", "href": "https://access.redhat.com/errata/RHSA-2021:5150", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-06-09T18:16:24", "description": "These are CVE issues filed against XP2 releases that have been fixed in the underlying EAP 7.3.x base. There are no changes to the EAP XP2 code base.\n\nSecurity Fix(es):\n\n* undertow: potential security issue in flow control over HTTP/2 may lead to DOS (CVE-2021-3629)\n\n* wildfly-elytron: possible timing attack in ScramServer (CVE-2021-3642)\n\n* wildfly: incorrect JBOSS_LOCAL_USER challenge location may lead to giving access to all the local users (CVE-2021-3717)\n\n* jsoup: Crafted input may cause the jsoup HTML and XML parser to get stuck (CVE-2021-37714)\n\n* xml-security: XPath Transform abuse allows for information disclosure (CVE-2021-40690)\n\n* resteasy: Error message exposes endpoint class information (CVE-2021-20289)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-01-17T11:58:48", "type": "redhat", "title": "(RHSA-2022:0146) Moderate: EAP XP 2 security update to CVE fixes in the EAP 7.3.x base", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-20289", "CVE-2021-3629", "CVE-2021-3642", "CVE-2021-3717", "CVE-2021-37714", "CVE-2021-40690"], "modified": "2022-01-17T11:59:25", "id": "RHSA-2022:0146", "href": "https://access.redhat.com/errata/RHSA-2022:0146", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-08-11T23:59:40", "description": "Openshift Logging Bug Fix Release (5.2.10)\n\nSecurity Fix(es):\n\n* kubeclient: kubeconfig parsing error can lead to MITM attacks (CVE-2022-0759)\n\n* netty-codec: Bzip2Decoder doesn't allow setting size restrictions for decompressed data (CVE-2021-37136)\n\n* netty-codec: SnappyFrameDecoder doesn't restrict chunk length and may buffer skippable chunks in an unnecessary way (CVE-2021-37137)\n\n* netty: control chars in header names may lead to HTTP request smuggling (CVE-2021-43797)\n\n* prometheus/client_golang: Denial of service using InstrumentHandlerCounter (CVE-2022-21698)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-05-11T19:47:56", "type": "redhat", "title": "(RHSA-2022:2218) Moderate: Openshift Logging Security and Bug update Release (5.2.10)", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-25032", "CVE-2021-37136", "CVE-2021-37137", "CVE-2021-4028", "CVE-2021-43797", "CVE-2022-0759", "CVE-2022-0778", "CVE-2022-1154", "CVE-2022-1271", "CVE-2022-21426", "CVE-2022-21434", "CVE-2022-21443", "CVE-2022-21476", "CVE-2022-21496", "CVE-2022-21698", "CVE-2022-25636"], "modified": "2022-05-11T19:48:10", "id": "RHSA-2022:2218", "href": "https://access.redhat.com/errata/RHSA-2022:2218", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-08-11T23:59:40", "description": "Openshift Logging Bug Fix Release (5.3.7)\n\nSecurity Fix(es):\n\n* kubeclient: kubeconfig parsing error can lead to MITM attacks (CVE-2022-0759)\n\n* netty-codec: Bzip2Decoder doesn't allow setting size restrictions for decompressed data (CVE-2021-37136)\n