SB2025081337 - Multiple vulnerabilities in Astronomer with IBM

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2025081337

SB2025081337 - Multiple vulnerabilities in Astronomer with IBM

Published: August 13, 2025

Security Bulletin ID SB2025081337
Severity
Critical
Patch available
YES
Number of vulnerabilities 13
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

Critical 8% High 15% Medium 69% Low 8%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 13 secuirty vulnerabilities.


1) NULL pointer dereference (CVE-ID: CVE-2024-37890)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error when handling requests with the number of headers that exceeds the "server.maxHeadersCount" value. A remote attacker can send a specially crafted request to the application and perform a denial of service (DoS) attack.


2) Uncontrolled Recursion (CVE-ID: CVE-2024-7254)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation when parsing nested groups as unknown fields with DiscardUnknownFieldsParser or Java Protobuf Lite parser, or against Protobuf map fields. A remote attacker can pass specially crafted input to the application to create unbounded recursions and perform a denial of service (DoS) attack.


3) Resource exhaustion (CVE-ID: CVE-2024-47554)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to application does not properly control consumption of internal resources when handling untrusted input passed to the org.apache.commons.io.input.XmlStreamReader class. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.


4) Inefficient regular expression complexity (CVE-ID: CVE-2024-45296)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient input validation when processing untrusted input with a regular expressions. A remote attacker can pass specially crafted data to the application and perform regular expression denial of service (ReDos) attack.


5) Type Confusion (CVE-ID: CVE-2024-4367)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a type confusion error when handling fonts in PDF.js. A remote attacker can trick the victim to visit a specially crafted website, trigger a type confusion error and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


6) Server-Side Request Forgery (SSRF) (CVE-ID: CVE-2024-39338)

The disclosed vulnerability allows a remote attacker to perform SSRF attacks.

The vulnerability exists due to insufficient validation of user-supplied input. A remote attacker can send a specially crafted HTTP request and trick the application to initiate requests to arbitrary systems.

Successful exploitation of this vulnerability may allow a remote attacker gain access to sensitive data, located in the local network or send malicious requests to other servers from the vulnerable system.


7) Out-of-bounds read (CVE-ID: CVE-2024-37371)

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition when handling GSS message token. A remote attacker can send specially crafted token to the application, trigger an out-of-bounds read error and read contents of memory on the system.


8) Input validation error (CVE-ID: CVE-2024-37370)

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to insufficient validation of user-supplied input. A remote attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the unwrapped token to appear truncated to the application.


9) Infinite loop (CVE-ID: CVE-2024-25710)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to infinite loop when processing a corrupt DUMP file. A remote attacker can consume all available system resources and cause denial of service conditions.


10) Incorrect Regular Expression (CVE-ID: CVE-2024-21538)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient input validation when processing regular expressions. A remote attacker can pass specially crafted data to the application and perform regular expression denial of service (ReDos) attack.


11) Improper Control of Dynamically-Managed Code Resources (CVE-ID: CVE-2022-25878)

The vulnerability allows a remote attacker to modify data on the system.

The vulnerability exists due to Prototype Pollution error in protobufjs. A remote unauthenticated attacker can provide an untrusted user input to the util.setProperty or to the ReflectionObject.setParsedOption functions, and also by parse/load .proto files to modify data on the system.


12) Prototype pollution (CVE-ID: CVE-2023-36665)

The vulnerability allows a remote attacker to execute arbitrary JavaScript code.

The vulnerability exists due to improper input validation. A remote attacker can pollute the prototype of Object.prototype by adding and overwriting its data and functions.


13) Uncontrolled Recursion (CVE-ID: CVE-2023-1370)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to uncontrolled recursion when processing nested arrays and objects. A remote attacker can pass specially crafted JSON data to the application and perform a denial of service (DoS) attack.


Remediation

Install update from vendor's website.

References