SB2023062257 - Multiple vulnerabilities in IBM Spectrum Discover
Published: June 22, 2023 Updated: June 9, 2025
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 40 secuirty vulnerabilities.
1) Information disclosure (CVE-ID: CVE-2022-29244)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to npm pack ignores root-level .gitignore and .npmignore file exclusion
directives when run in a workspace or with a workspace flag (ie.
`--workspaces`, `--workspace=
2) Input validation error (CVE-ID: CVE-2022-40898)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input passed to wheel cli. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.
3) Use of a broken or risky cryptographic algorithm (CVE-ID: CVE-2022-29217)
The vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to use of a broken or risky cryptographic algorithm. A remote attacker can cause key confusion through non-blocklisted public key formats.
4) Buffer overflow (CVE-ID: CVE-2018-25032)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input when compressing data. A remote attacker can pass specially crafted input to the application, trigger memory corruption and perform a denial of service (DoS) attack.
5) Incorrect Regular Expression (CVE-ID: CVE-2022-42969)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient input validation in Subversion repository caused by a mishandled InfoSvnCommand argument. A remote attacker can pass specially crafted data to the application and perform regular expression denial of service (ReDos) attack.
6) Improper input validation (CVE-ID: CVE-2022-1941)
The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Connector/Python (Python) component in MySQL Connectors. A remote non-authenticated attacker can exploit this vulnerability to perform a denial of service (DoS) attack.
7) Information disclosure (CVE-ID: CVE-2023-32681)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to requests has been leaking Proxy-Authorization headers to destination servers when redirected to an HTTPS endpoint. A remote attacker can gain unauthorized access to sensitive information on the system.
8) Incorrect Regular Expression (CVE-ID: CVE-2022-40897)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient input validation when processing HTML content. A remote attacker can pass specially crafted data to the application and perform regular expression denial of service (ReDos) attack.
9) Incorrect Regular Expression (CVE-ID: CVE-2022-25927)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient input validation passed via the trim() function. A remote attacker can pass specially crafted data to the application and perform regular expression denial of service (ReDos) attack.
10) Insufficient verification of data authenticity (CVE-ID: CVE-2022-23491)
The vulnerability allows a remote attacker to bypass certificate validation checks.
The vulnerability exists due to presence of the TrustCor certificate in the Root Certificates list. the certificate is removed due to TrustCor's ownership also operated a business that produced spyware. Therefore, any checks that rely on digital signatures of trusted certificates were compromised.
11) Information disclosure (CVE-ID: CVE-2023-30861)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to missing Vary: Cookie header. A remote attacker can gain unauthorized access to sensitive information on the system.
12) Error Handling (CVE-ID: CVE-2023-23931)
The vulnerability allows an attacker to misuse Python API.
The vulnerability exists due to a soundness bug within the Cipher.update_into function, which can allow immutable objects (such as bytes) to be mutated. A malicious programmer can misuse Python API to introduce unexpected behavior into the application.
13) Incorrect Regular Expression (CVE-ID: CVE-2022-40023)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient input validation when processing regular expressions within the Lexer class. A remote attacker can pass specially crafted data to the application and perform regular expression denial of service (ReDos) attack.
14) Input validation error (CVE-ID: CVE-2022-36087)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input within uri_validate functions. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.
15) Open redirect (CVE-ID: CVE-2022-33987)
The vulnerability allows a remote attacker to redirect victims to arbitrary URL.
The vulnerability exists due to requested URLs are not verified and allow open redirection to a local UNIX socket. A remote attacker can create a link that leads to a trusted website, however, when clicked, redirects the victim to arbitrary domain.
Successful exploitation of this vulnerability may allow a remote attacker to perform a phishing attack and steal potentially sensitive information.
16) Open redirect (CVE-ID: CVE-2023-28370)
The vulnerability allows a remote attacker to redirect victims to arbitrary URL.
The vulnerability exists due to improper sanitization of user-supplied data. A remote attacker can create a link that leads to a trusted website, however, when clicked, redirects the victim to arbitrary domain.
Successful exploitation of this vulnerability may allow a remote attacker to perform a phishing attack and steal potentially sensitive information.
17) Arbitrary file upload (CVE-ID: CVE-2022-27140)
The vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to insufficient validation of file extension when uploading files. A remote attacker can upload and execute arbitrary file on the system via a crafted PHP file.
18) Arbitrary file upload (CVE-ID: CVE-2022-27261)
The vulnerability allows a remote attacker to execute arbitrary code on the system.
The vulnerability exists due to insufficient validation of file during file upload. A remote attacker can upload a malicious file and execute it on the server.
19) Inconsistent interpretation of HTTP requests (CVE-ID: CVE-2022-29361)
The vulnerability allows a remote attacker to perform HTTP request smuggling attacks.
The vulnerability exists due to improper validation of HTTP requests. A remote attacker can send a specially crafted HTTP request to the server and smuggle arbitrary HTTP headers.
Successful exploitation of vulnerability may allow an attacker to poison HTTP cache and perform phishing attacks.
20) Prototype pollution (CVE-ID: CVE-2022-46175)
The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data within the JSON5.parse() function. A remote attacker can inject and execute arbitrary script code.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
21) Resource exhaustion (CVE-ID: CVE-2022-2596)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to application does not properly control consumption of internal resources. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.
22) Resource exhaustion (CVE-ID: CVE-2022-45061)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to usage of an unnecessary quadratic algorithm in one path when processing some inputs to the IDNA (RFC 3490) decoder. A remote attacker can pass a specially crafted name to he decoder, trigger resource excessive CPU consumption and perform a denial of service (DoS) attack.
23) Prototype pollution (CVE-ID: CVE-2022-37601)
The disclosed vulnerability allows a remote attacker to perform prototype pollution attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data within the parseQuery() function in parseQuery.js. A remote attacker can inject and execute arbitrary JavaScript code.
24) Incorrect authorization (CVE-ID: CVE-2021-3563)
The vulnerability allows a remote attacker to bypass security restrictions.
The vulnerability exists due to only the first 72 characters of an application secret are verified. A remote attacker can gain unauthorized access to bypass security restrictions.
25) Double Free (CVE-ID: CVE-2022-31117)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when decoding untrusted input. A remote attacker can pass specially crafted data to the application, trigger double free error and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
26) Input validation error (CVE-ID: CVE-2022-31116)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to an error when decoding untrusted input. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.
27) Incorrect Regular Expression (CVE-ID: CVE-2022-31129)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper validation of user-supplied input when parsing overly long strings. A remote attacker can pass a string that contains more that 10k characters and perform regular expression denial of service (ReDoS) attack.
28) Path traversal (CVE-ID: CVE-2022-24785)
The vulnerability allows a remote attacker to perform directory traversal attacks.
The vulnerability exists due to input validation error when processing directory traversal sequences within the npm version of Moment.js. A remote attacker can send a specially crafted HTTP request and read arbitrary files on the system.
29) Input validation error (CVE-ID: CVE-2022-24434)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input. A remote attacker can send a modified form to server, and crash the nodejs service. An attacker can sent the payload again and again so that the service continuously crashes.
30) Type conversion (CVE-ID: CVE-2020-10735)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a type confusion in algorithms with quadratic time complexity when using non-binary bases within the int() call. A remote attacker can pass specially crafted data to the affected application and perform a denial of service (DoS) attack.
31) Input validation error (CVE-ID: CVE-2023-23934)
The vulnerability allows a remote attacker to bypass implemented security restrictions.
The vulnerability exists due to insufficient validation of "nameless" cookies. A remote attacker can manipulate cookie values for an arbitrary domain.
32) Incorrect Regular Expression (CVE-ID: CVE-2022-40899)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation when processing the Set-Cookie header. A remote attacker can send a specially crafted HTTP request to the application and perform a regular expression denial of service (ReDoS) attack.
33) Use of a broken or risky cryptographic algorithm (CVE-ID: CVE-2022-23541)
The vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to insecure implementation of key retrieval function. A remote user attacker can cause successful validation of forged tokens.
34) Use of a broken or risky cryptographic algorithm (CVE-ID: CVE-2022-23539)
The vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to insecure key types are used for signature verification. A remote user can enable legacy keys usage.
35) Input validation error (CVE-ID: CVE-2022-23529)
The vulnerability allows a remote attacker to execute arbitrary code on the system.
The vulnerability exists due to insufficient validation of user-supplied input in jwt.verify function. A remote attacker can pass specially crafted input to the application and execute arbitrary code on the target system.
36) Use of a broken or risky cryptographic algorithm (CVE-ID: CVE-2022-23540)
The vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to insecure default algorithm in jwt.verify(). A remote attacker can cause signature validation bypass.
37) Type Confusion (CVE-ID: CVE-2023-0286)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a type confusion error related to X.400 address processing inside an X.509 GeneralName. A remote attacker can pass specially crafted data to the application, trigger a type confusion error and perform a denial of service (DoS) attack or read memory contents.
In most cases, the attack requires the attacker to provide both the certificate chain and CRL, neither of which need to have a valid signature. If the attacker only controls one of these inputs, the other input must already contain an X.400 address as a CRL distribution point, which is uncommon. As such, this vulnerability is most likely to only affect applications which have implemented their own functionality for retrieving CRLs over a network.
38) Input validation error (CVE-ID: CVE-2022-38900)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.
39) Prototype pollution (CVE-ID: CVE-2022-24999)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation. A remote attacker can send a specially crafted request and perform a denial of service (DoS) attack.
40) Resource exhaustion (CVE-ID: CVE-2023-25577)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to application does not properly control consumption of internal resources when parsing multipart form data with many fields. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.