Security Bulletin: Vulnerability in requests affects IBM Cloud Pak for Data System 2.0 (CPDS 2.0) [CVE-2024-35195]

Summary The requests package is used by IBM Cloud Pak for Data System 2.0 . IBM Cloud Pak for Data System 2.0 has addressed the applicable CVEs CVE-2024-35195 Vulnerability Details CVEID:CVE-2024-35195 DESCRIPTION: Psf Requests could allow a local authenticated attacker to bypass security...

Security Bulletin: Vulnerability in urllib3 affects IBM Cloud Pak for Data System 2.0 (CPDS 2.0)[CVE-2023-43804, CVE-2023-45803]

Summary The urllib3 package is used by IBM Cloud Pak for Data System 2.0 . IBM Cloud Pak for Data System 2.0 has addressed the applicable CVEsCVE-2023-43804, CVE-2023-45803 Vulnerability Details CVEID:CVE-2023-43804 DESCRIPTION: urllib3 is a user-friendly HTTP client library for Python. urllib3...

EUVD-2007-0143

Malware in sbrugna...

EUVD-2025-25387

Malicious code in bioql PyPI...

CVE-2025-20345

A vulnerability in the debug logging function of Cisco Duo Authentication Proxy could allow an authenticated, high-privileged, remote attacker to view sensitive information in a system log file. This vulnerability is due to insufficient masking of sensitive information before it is written to...

Security Bulletin: Vulnerability in jinja2 affects IBM Cloud Pak for Data System 2.0 (CPDS 2.0) [CVE-2024-22195]

Summary The jinja2 package is used by IBM Cloud Pak for Data System 2.0 . IBM Cloud Pak for Data System 2.0 has addressed the applicable CVEs CVE-2024-22195 Vulnerability Details CVEID:CVE-2024-22195 DESCRIPTION: Jinja is an extensible templating engine. Special placeholders in the template allow...

Security Bulletin: Vulnerability in cryptography affects IBM Cloud Pak for Data System 2.0 (CPDS 2.0) [CVE-2023-2650, CVE-2023-4807, CVE-2023-3446 ]

Summary The cryptography package is used by IBM Cloud Pak for Data System 2.0 . IBM Cloud Pak for Data System 2.0 has addressed the applicable CVEs CVE-2023-2650, CVE-2023-4807, CVE-2023-3446 Vulnerability Details CVEID:CVE-2023-2650 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caus...

Security Bulletin: Vulnerability in jetty-server affects IBM Cloud Pak for Data System 2.0 (CPDS 2.0) [CVE-2024-6763, CVE-2024-8184]

Summary The jetty-server package is used by IBM Cloud Pak for Data System 2.0 . IBM Cloud Pak for Data System 2.0 has addressed the applicable CVEs CVE-2024-6763, CVE-2024-8184 Vulnerability Details CVEID:CVE-2024-6763 DESCRIPTION: Eclipse Jetty is a lightweight, highly scalable, Java-based web...

Security Bulletin: Vulnerability in jetty-http affects IBM Cloud Pak for Data System 2.0 (CPDS 2.0)[CVE-2023-36478]

Summary The jetty-http package is used by IBM Cloud Pak for Data System 2.0 . IBM Cloud Pak for Data System 2.0 has addressed the applicable CVEsCVE-2023-36478 Vulnerability Details CVEID:CVE-2023-36478 DESCRIPTION: Eclipse Jetty is vulnerable to a denial of service, caused by an integer overflow...

Security Bulletin: Vulnerability in Cryptography affects IBM Cloud Pak for Data System 2.0 (CPDS 2.0)[CVE-2023-38325]

Summary The Cryptography package is used by IBM Cloud Pak for Data System 2.0. IBM Cloud Pak for Data System 2.0 has addressed the applicable CVE CVE-2023-38325 Vulnerability Details CVEID:CVE-2023-38325 DESCRIPTION: The cryptography package before 41.0.2 for Python mishandles SSH certificates th...

Security Bulletin: Vulnerability in cryptography affects IBM Cloud Pak for Data System 2.0 (CPDS 2.0) [CVE-2023-23931]

Summary The cryptography package is used by IBM Cloud Pak for Data System 2.0 . IBM Cloud Pak for Data System 2.0 has addressed the applicable CVEs CVE-2023-23931 Vulnerability Details CVEID:CVE-2023-23931 DESCRIPTION: cryptography is a package designed to expose cryptographic primitives and...

Security Bulletin: Vulnerability in requests affects IBM Cloud Pak for Data System 1.0(CPDS 1.0)[CVE-2024-35195].

Summary The requests package is used by IBM Cloud Pak for Data System 1.0. IBM Cloud Pak for Data System 1.0 has addressed the applicable CVE CVE-2024-35195. Vulnerability Details CVEID:CVE-2024-35195 DESCRIPTION: Psf Requests could allow a local authenticated attacker to bypass security...

Security Bulletin: Vulnerability in idna affects IBM Cloud Pak for Data System 1.0(CPDS 1.0)[CVE-2024-3651].

Summary The idna package is used by IBM Cloud Pak for Data System 1.0. IBM Cloud Pak for Data System 1.0 has addressed the applicable CVE CVE-2024-3651. Vulnerability Details CVEID:CVE-2024-3651 DESCRIPTION: idna could allow a local user to cause a denial of service using a specially crafted...

Security Bulletin: Vulnerability in gunicorn affects IBM Cloud Pak for Data System 1.0(CPDS 1.0)[CVE-2024-6827].

Summary The gunicorn package is used by IBM Cloud Pak for Data System 1.0. IBM Cloud Pak for Data System 1.0 has addressed the applicable CVE CVE-2024-6827. Vulnerability Details CVEID:CVE-2024-6827 DESCRIPTION: Gunicorn version 21.2.0 does not properly validate the value of the 'Transfer-Encodin...

Security Bulletin: Vulnerability in Flask-Cors affects IBM Cloud Pak for Data System 1.0(CPDS 1.0)[CVE-2024-6221].

Summary The FlaskCors package is used by IBM Cloud Pak for Data System 1.0. IBM Cloud Pak for Data System 1.0 has addressed the applicable CVE CVE-2024-6221. Vulnerability Details CVEID:CVE-2024-6221 DESCRIPTION: A vulnerability in corydolphin/flask-cors version 4.0.1 allows the...

Security Bulletin: Vulnerability in commons-compress affects IBM Cloud Pak for Data System 1.0(CPDS 1.0)[CVE-2024-25710, CVE-2024-26308].

Summary The commons-compress package is used by IBM Cloud Pak for Data System 1.0. IBM Cloud Pak for Data System 1.0 has addressed the applicable CVE CVE-2024-25710, CVE-2024-26308. Vulnerability Details CVEID:CVE-2024-25710 DESCRIPTION: Loop with Unreachable Exit Condition 'Infinite Loop'...

Security Bulletin: Vulnerability in urllib3 affects IBM Cloud Pak for Data System 1.0(CPDS 1.0)[CVE-2023-43804].

Summary The urllib3 package is used by IBM Cloud Pak for Data System 1.0. IBM Cloud Pak for Data System 1.0 has addressed the applicable CVE CVE-2023-43804. Vulnerability Details CVEID:CVE-2023-43804 DESCRIPTION: urllib3 could allow a remote authenticated attacker to obtain sensitive information,...

Security Bulletin: Vulnerability in Flask-Cors affects IBM Cloud Pak for Data System 1.0(CPDS 1.0)[CVE-2020-25032]

Summary The Flask-Cors package is used by IBM Cloud Pak for Data System 1.0. IBM Cloud Pak for Data System 1.0 has addressed the applicable CVE CVE-2020-25032. Vulnerability Details CVEID:CVE-2020-25032 DESCRIPTION: Flask-CORS could allow a remote attacker to traverse directories on the system. A...

Security Bulletin: Vulnerability in requests affects IBM Cloud Pak for Data System 1.0(CPDS 1.0)[CVE-2023-32681]

Summary The requests package is used by IBM Cloud Pak for Data System 1.0. IBM Cloud Pak for Data System 1.0 has addressed the applicable CVE CVE-2023-32681. Vulnerability Details CVEID:CVE-2023-32681 DESCRIPTION: Requests is a HTTP library. Since Requests 2.3.0, Requests has been leaking...

Security Bulletin: Vulnerability in Flask affects IBM Cloud Pak for Data System 1.0 (CPDS 1.0)[CVE-2023-30861]

Summary The Flask package is used by IBM Cloud Pak for Data System 1.0. IBM Cloud Pak for Data System 1.0 has addressed the applicable CVE CVE-2023-30861. Vulnerability Details CVEID:CVE-2023-30861 DESCRIPTION: Pallets Flask could allow a remote attacker to obtain sensitive information, caused by...