High Severity

Security Bulletin: IBM Cloud Transformation Advisor is vulnerable to multiple vulnerabilities

IBM Cloud Transformation Advisor has addressed multiple security vulnerabilities including those in Node.js, Java SE and various other libraries.

CVE(s): CVE-2022-33879, CVE-2022-30973, CVE-2019-16869, CVE-2019-20444, CVE-2019-20445, CVE-2021-21295, CVE-2021-21409, CVE-2021-37136, CVE-2021-37137, CVE-2021-43797, CVE-2020-29582, CVE-2022-24329

Affected product(s) and affected version(s):

| Affected Product(s) | Version(s) |
| --- | --- |
| IBM Cloud Transformation Advisor | 2.0.1 – 3.2.0 |

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6607599
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/229881
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/227638
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/167672
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/175487
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/175486
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/197999
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/199150
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/211777
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/211779
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/215118
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/196239
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/220617
