SB2023051504 - Multiple vulnerabilities in IBM Db2 Graph
Published: May 15, 2023 Updated: March 25, 2025
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 21 secuirty vulnerabilities.
1) Stack-based buffer overflow (CVE-ID: CVE-2022-38750)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error when handling YAML files. A remote attacker can pass a specially crafted YAML file to the application, trigger a stack-based buffer overflow and perform a denial of service (DoS) attack.2) Improper input validation (CVE-ID: CVE-2022-37865)
The vulnerability allows a remote non-authenticated attacker to damange or delete data.
The vulnerability exists due to improper input validation within the Installation (Apache Ivy) component in Oracle Communications Cloud Native Core Automated Test Suite. A remote non-authenticated attacker can exploit this vulnerability to damange or delete data.
3) Path traversal (CVE-ID: CVE-2022-37866)
The vulnerability allows a remote attacker to perform directory traversal attacks.
The vulnerability exists due to input validation error when processing directory traversal sequences. A remote attacker can trick the victim into downloading a specially crafted artifact and write files to an arbitrary location on the system.
4) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2023-23920)
The vulnerability allows a remote user to gain access to sensitive information.
The vulnerability exists due to application insecurely loads ICU data through ICU_DATA environment variable with elevated privileges. A remote user can gain access to potentially sensitive information.
5) Incorrect Regular Expression (CVE-ID: CVE-2023-24807)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient input validation when user-supplied input within the `Headers.set()` and `Headers.append()` methods. A remote attacker can pass specially crafted data to the application and perform regular expression denial of service (ReDos) attack.
6) HTTP response splitting (CVE-ID: CVE-2023-23936)
The vulnerability allows a remote attacker to perform HTTP splitting attacks.
The vulnerability exists due to software does not correctly process CRLF character sequences when handling HTTP "Host" header. A remote attacker can send specially crafted request containing CRLF sequence and make the application to send a split HTTP response.
Successful exploitation of the vulnerability may allow an attacker perform cache poisoning attack.
7) Resource management error (CVE-ID: CVE-2023-23919)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to in some cases Node.js does does not clear the OpenSSL error stack after operations that may set it. A remote attacker can trigger false positive errors during subsequent cryptographic operations on the same thread and perform a denial of service (DoS) attack.
8) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2023-23918)
The vulnerability allows a remote user to bypass implemented security restrictions.
The vulnerability exists due to improperly imposed security restrictions within the process.mainModule.require() method. A remote user can access non authorized modules.
9) Resource exhaustion (CVE-ID: CVE-2022-25857)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to application does not properly control consumption of internal resources when handling YAML files. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.
10) Out-of-bounds write (CVE-ID: CVE-2022-41854)
The vulnerability allows a remote attacker to perform a denial of service attack.
The vulnerability exists due to a boundary error when parsing untrusted YAML files. A remote attacker can send a specially crafted YAML file, trick the victim into opening it using the affected software, trigger out-of-bounds write and perform a denial of service attack.
11) Stack-based buffer overflow (CVE-ID: CVE-2022-38749)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error when handling YAML files. A remote attacker can pass a specially crafted YAML file to the application, trigger a stack-based buffer overflow and perform a denial of service (DoS) attack.12) Out-of-bounds write (CVE-ID: CVE-2022-38751)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error when processing untrusted YAML input. A remote attacker can pass a specially crafted YAML file to the application, trigger out-of-bounds write and perform a denial of service (DoS) attack.
13) Stack-based buffer overflow (CVE-ID: CVE-2022-38752)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error when handling YAML files. A remote attacker can pass a specially crafted YAML file to the application, trigger a stack-based buffer overflow and perform a denial of service (DoS) attack.
14) Deserialization of Untrusted Data (CVE-ID: CVE-2022-42003)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insecure input validation when processing serialized data when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled. A remote attacker can pass specially crafted data to the application and cause a denial of service condition on the target system.
15) Resource exhaustion (CVE-ID: CVE-2022-42004)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to application does not properly control usage of deeply nested arrays in BeanDeserializer._deserializeFromArray. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.
16) Out-of-bounds read (CVE-ID: CVE-2020-8244)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition. A remote attacker can create a specially crafted file and trigger an out-of-bounds read error and read contents of memory on the system.
17) Inefficient Algorithmic Complexity (CVE-ID: CVE-2022-25881)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to regular expression denial of service that occurs when the server reads the cache policy from the request using this library. A remote unauthenticated attacker can send malicious request header values to the server and perform a denial of service attack.
18) Code Injection (CVE-ID: CVE-2022-33980)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to improper input validation. A remote attacker can pass specially crafted input to the application and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
19) Code Injection (CVE-ID: CVE-2022-42889)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to an insecure variable interpolation when processing untrusted input. A remote attacker can send a specially crafted input and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
Note, the vulnerability was dubbed Text4shell.
20) HTTP response splitting (CVE-ID: CVE-2022-41915)
The vulnerability allows a remote attacker to perform HTTP splitting attacks.
The vulnerability exists due to software does not validate header values when calling DefaultHttpHeaders.set with an iterator of values. A remote attacker can inject arbitrary header values and perform HTTP splitting attacks.
Successful exploitation of the vulnerability may allow an attacker perform cache poisoning attack.
21) Infinite loop (CVE-ID: CVE-2022-41881)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the HaProxyMessageDecoder when parsing a TLV with type of "PP2_TYPE_SSL". A remote attacker can pass a specially crafted message to consume all available system resources and cause denial of service conditions.
Remediation
Install update from vendor's website.