Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to an injection attack in huggingface/transformers [CVE-2025-3777]
Summary IBM Watson Speech Services Cartridge is vulnerable to an injection attack in huggingface/transformers, due to an improper input validation vulnerability in the imageutils.py file CVE-2025-3777, Huggingface/transformers is used in our speech service runtimes. This vulnerabilitiy has been...