Latest ibm cloud transformation advisor Vulnerabilities

IBM-6846257
IBM Cloud Transformation Advisor<=2.0.1 - 3.3.1
CVE-2022-41299
IBM Cloud Transformation Advisor cross-site scripting
IBM Cloud Transformation Advisor>=2.0.1<3.4.0
IBM Cloud Transformation Advisor<=2.0.1 - 3.3.1
CVE-2022-40156
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This CVE has been rejected as it was incorrectly assigned. All references and descriptions in this candidate have been removed to prevent acciden...
IBM Cloud Transformation Advisor<=2.0.1 - 3.3.1
CVE-2022-40152
A flaw was found in the FasterXML/woodstox package. This flaw allows an attacker to cause a denial of service (DoS) in its target via XML serialization. An attacker may benefit from the parser sending...
IBM QRadar SIEM<=7.5 - 7.5.0 UP7
Xstream Project Xstream<=1.4.19
Fasterxml Woodstox<5.4.0
Fasterxml Woodstox>=6.0.0<6.4.0
redhat/woodstox-core<6.4.0
redhat/woodstox-core<5.4.0
and 4 more
CVE-2022-40154
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This CVE has been rejected as it was incorrectly assigned. All references and descriptions in this candidate have been removed to prevent acciden...
IBM Cloud Transformation Advisor<=2.0.1 - 3.3.1
CVE-2022-40153
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This CVE has been rejected as it was incorrectly assigned. All references and descriptions in this candidate have been removed to prevent acciden...
IBM Cloud Transformation Advisor<=2.0.1 - 3.3.1
CVE-2022-40155
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This CVE has been rejected as it was incorrectly assigned. All references and descriptions in this candidate have been removed to prevent acciden...
IBM Cloud Transformation Advisor<=2.0.1 - 3.3.1
CVE-2022-38750
DoS in SnakeYAML
redhat/candlepin<0:4.2.13-1.el8
redhat/rh-sso7-keycloak<0:18.0.6-1.redhat_00001.1.el7
redhat/rh-sso7-keycloak<0:18.0.6-1.redhat_00001.1.el8
redhat/rh-sso7-keycloak<0:18.0.6-1.redhat_00001.1.el9
Snakeyaml Project Snakeyaml<1.31
Debian Debian Linux=10.0
and 3 more
CVE-2022-38752
DoS in SnakeYAML
redhat/eap7-snakeyaml<0:1.33.0-2.SP1_redhat_00001.1.el8ea
redhat/eap7-snakeyaml<0:1.33.0-2.SP1_redhat_00001.1.el9ea
redhat/eap7-snakeyaml<0:1.33.0-2.SP1_redhat_00001.1.el7ea
redhat/candlepin<0:4.2.13-1.el8
redhat/rh-sso7-keycloak<0:18.0.7-1.redhat_00001.1.el7
redhat/rh-sso7-keycloak<0:18.0.7-1.redhat_00001.1.el8
and 4 more
CVE-2022-38751
DoS in SnakeYAML
redhat/candlepin<0:4.2.13-1.el8
redhat/rh-sso7-keycloak<0:18.0.6-1.redhat_00001.1.el7
redhat/rh-sso7-keycloak<0:18.0.6-1.redhat_00001.1.el8
redhat/rh-sso7-keycloak<0:18.0.6-1.redhat_00001.1.el9
Snakeyaml Project Snakeyaml<1.31
Debian Debian Linux=10.0
and 2 more
CVE-2022-38749
DoS in SnakeYAML
redhat/candlepin<0:4.2.13-1.el8
redhat/rh-sso7-keycloak<0:18.0.6-1.redhat_00001.1.el7
redhat/rh-sso7-keycloak<0:18.0.6-1.redhat_00001.1.el8
redhat/rh-sso7-keycloak<0:18.0.6-1.redhat_00001.1.el9
Snakeyaml Project Snakeyaml<1.31
Debian Debian Linux=10.0
and 9 more
CVE-2022-25857
Denial of Service (DoS)
Snakeyaml Project Snakeyaml<1.31
Debian Debian Linux=10.0
redhat/org.yaml.snakeyaml<1.31
IBM Cloud Transformation Advisor<=2.0.1 - 3.3.1
maven/org.yaml:snakeyaml<1.31
CVE-2022-21541
An unspecified vulnerability in Java SE related to the VM component could allow an unauthenticated attacker to cause no confidentiality impact, high integrity impact, and no availability impact.
debian/openjdk-11
debian/openjdk-17
debian/openjdk-8
IBM Cloud Transformation Advisor<=2.0.1 - 3.3.1
Oracle GraalVM=20.3.6
Oracle GraalVM=21.3.2
and 154 more
CVE-2022-21540
An unspecified vulnerability in Java SE related to the VM component could allow an unauthenticated attacker to obtain sensitive information resulting in a low confidentiality impact using unknown atta...
debian/openjdk-11
debian/openjdk-17
debian/openjdk-8
IBM Cloud Transformation Advisor<=2.0.1 - 3.3.1
Oracle GraalVM=20.3.6
Oracle GraalVM=21.3.2
and 155 more

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203