40 matches found
EUVD-2023-34862
Malicious code in bioql PyPI...
Security Bulletin: FreeType Remote Code Execution Vulnerability affects IBM Watson Machine Learning Accelerator on Cloud Pak for Data
Summary FreeType Remote Code Execution Vulnerability affects IBM Watson Machine Learning Accelerator on Cloud Pak for Data. The vulnerability has been addressed. Vulnerability Details CVEID:CVE-2025-27363 DESCRIPTION: An out of bounds write exists in FreeType versions 2.13.0 and below newer...
Security Bulletin: Mutiple Vulnerabilties in Open Source packages affecting IBM Watson Machine Learning Accelerator on Cloud Pak for Data
Summary IBM Watson Machine Learning Accelerator on Cloud Pak for Data is vulnerable to several open source vulnerabilites. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2022-1996 DESCRIPTION: go-restful could allow a remote attacker to...
Security Bulletin: Multiple vulnerabilities in JQuery Java Script Library Affects IBM Watson Machine Learning Accelerator on Cloud Pak for Data
Summary Vulnerablities in jquery affects IBM Watson Machine Learning Accelerator on Cloud Pak for Data. These are addressed. Vulnerability Details CVEID:CVE-2019-11358 DESCRIPTION: jQuery, as used in Drupal core, is vulnerable to cross-site scripting, caused by improper validation of user-supplie...
Security Bulletin: IBM Watson Machine Learning Accelerator on Cloud Pak for Data is vunerable to libsass and node-sass vulnerabilities
Summary IBM Watson Machine Learning Accelerator on Cloud Pak for Data is vunerable to the dependencies in the opensource library libsass-3.5.5 and opennms-opennms-source-25.1.1-1 . These are fixed. Vulnerability Details CVEID:CVE-2018-11696 DESCRIPTION: LibSaas is vulnerable to a denial of servic...
Security Bulletin: Mutiple Vulnerabilties Affecting IBM Watson Machine Learning Accelerator
Summary IBM Watson Machine Learning Accelerator 1.2.x is vulnerable to several vulnerabilities coming from dependent compoents. These are addressed. Vulnerability Details CVEID:CVE-2023-20863 DESCRIPTION: VMware Tanzu Spring Framework is vulnerable to a denial of service, caused by improper input...
CVE-2023-30444 IBM Watson Machine Learning on Cloud Pak for Data server-side request forgery
IBM Watson Machine Learning on Cloud Pak for Data 4.0 and 4.5 is vulnerable to server-side request forgery SSRF. This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 253350...
CVE-2023-30444 IBM Watson Machine Learning on Cloud Pak for Data server-side request forgery
IBM Watson Machine Learning on Cloud Pak for Data 4.0 and 4.5 is vulnerable to server-side request forgery SSRF. This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 253350...
PT-2023-22695 · Ibm · Ibm Watson Machine Learning
Name of the Vulnerable Software and Affected Versions: IBM Watson Machine Learning on Cloud Pak for Data versions 4.0 through 4.5 Description: The issue allows an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other...
Security Bulletin: IBM Watson Machine Learning on Cloud Pak for Data is affected by SSRF vulnerability (CVE-2023-30444)
Summary IBM Watson Machine Learning on Cloud Pak for Data is affected to server-side request forgery SSRF. This vulnerability has been addressed. Vulnerability Details CVEID:CVE-2023-30444 DESCRIPTION: IBM Watson Machine Learning on Cloud Pak for Data is vulnerable to server-side request forgery...
Security Bulletin: IBM Waston Machine Learning Acclerator is affected by an OpenSSL vulnerability
Summary There is a vulnerability in OpenSSL used by IBM Watson Machine Learning Accelerator. IBM Watson Machine Learning Accelerator havs addressed the applicable CVE, CVE-2020-1971. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products an...
Security Bulletin: Vulnerability in json4j - CVE-2021-3918 (Publicly disclosed vulnerability) impacts IBM Watson Machine Learning Accelerator
Summary Json4j is used IBM Watson Machine Learning Accelerator. This bulletin provides mitigations for the addressable vulnerability CVE-2021-3918 by upgrading addressable to latest version. Vulnerability Details CVEID: CVE-2021-3918 DESCRIPTION: Json-schema could allow a remote attacker to execu...
Security Bulletin: Vulnerability in [All] Spring Framework - CVE-2021-22060 (Publicly disclosed vulnerability) impacts IBM Watson Machine Learning Accelerator
Summary Spring Framework is used IBM Watson Machine Learning Accelerator. This bulletin provides mitigations for the addressable vulnerability CVE-2021-22060 by upgrading addressable to latest version. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...
Security Bulletin: IBM Watson Machine Learning in Cloud Pak for Data is vulnerable to denial of service and arbitrary code execution due to Apache Log4j (CVE-2021-45105, CVE-2021-45046)
Summary There are multiple Apache Log4j vulnerabilities CVE-2021-45105, CVE-2021-45046 impacting IBM Watson Machine Learning in Cloud Pak for Data which uses Apache Log4j for logging. The fix includes Apache Log4j 2.17. Vulnerability Details CVEID: CVE-2021-45105 DESCRIPTION: Apache Log4j is...
Security Bulletin: Vulnerability in addressable - CVE-2021-32740 impacts IBM Watson Machine Learning Accelerator
Summary Addressable is used IBM Watson Machine Learning Accelerator. This bulletin provides mitigations for the addressable vulnerability CVE-2021-32740 by upgrading addressable to latest version. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affect...
Security Bulletin: Multiple Vulnerabilities in Apache Commons Compress affect WebSphere Application Server
Summary Multiple Vulnerabilities in Apache Commons Compress affect WebSphere Application Server, upgrade commons-compress-1.20.jar to commons-compress-1.21.jar Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected...
Security Bulletin: A vulnerability in Spring Framework affects IBM Watson Machine Learning Accelerator
Summary A vulnerability exists in Spring Framework version used by IBM Watson Machine Learning Accelerator. Spring framework upgrade to version 5.2.15 which resolves these vulnerabilities, is available on IBM Fix Central. Vulnerability Details CVEID: CVE-2021-22118 DESCRIPTION: VMware Tanzu Sprin...
Security Bulletin: A vulnerability in Bouncy Castle affect IBM Watson Machine Learning Accelerator
Summary A vulnerability exists in the Bouncy Castle version used by IBM Watson Machine Learning Accelerator. Bouncy Castle upgrade to version 1.69 which resolves these vulnerabilities, is available on IBM Fix Central. Vulnerability Details CVEID: CVE-2020-15522 DESCRIPTION: Bouncy Castle BC Java,...
Security Bulletin: Multiple TensorFlow Vulnerabilities Affect IBM Watson Machine Learning on CP4D
Summary TensorFlow is vulnerable to a denial of service on IBM Watson Machine Learning on CP4D Vulnerability Details CVEID: CVE-2021-29538 DESCRIPTION: TensorFlow is vulnerable to a denial of service, caused by division by zero in Conv2DBackpropFilter. By sending a specially-crafted request, a...
Security Bulletin: Golang Go Vulnerability Affects IBM Watson Machine Learning on CP4D (CVE-2021-31525)
Summary Golang Go is vulnerable to a denial of service, caused by a flaw in net/http on IBM Watson Machine Learning on CP4D Vulnerability Details CVEID: CVE-2021-31525 DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by a flaw in net/http. By sending a specially-crafted header ...