Lucene search
K

12 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2024/02/08 7:5 p.m.43 views

Security Bulletin: Mutiple Vulnerabilties affects IBM Watson Machine Learning Accelerator 3.5.0 for Cloud Pak for Data 4.6.5

Summary IBM Watson Machine Learning Accelerator 3.5.0 for Cloud Pak for Data 4.6.5 is affected by multiple vulnerabilities. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2022-3697 DESCRIPTION: Ansible Collections Amazon AWS Collection...

7.5CVSS7.7AI score0.04561EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/12/12 5:28 p.m.36 views

Security Bulletin: IBM Watson Machine Learning Accelerator on Cloud Pak for Data is vulnerable to multiple vulnerabilities

Summary IBM Watson Machine Learning Accelerator on Cloud Pak for Data is affected by opennms-opennms-source-26.0.0-1 dependent packages. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2020-8116 DESCRIPTION: Node.js dot-prop could allow a...

9.8CVSS9.9AI score0.15014EPSS
Exploits32Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/12/06 4:32 p.m.35 views

Security Bulletin: Mutiple Vulnerabilties in Open Source packages affects IBM Watson Machine Learning Accelerator on Cloud Pak for Data

Summary IBM Watson Machine Learning Accelerator on Cloud Pak for Data component GUI, Notebook and Logstash are vulenrable to multiple vunerabilites. These are fixed. Vulnerability Details CVEID:CVE-2022-25857 DESCRIPTION: Java package org.yaml:snakeyam is vulnerable to a denial of service, caused...

9.8CVSS9.2AI score0.99615EPSS
Exploits34Affected Software3
IBM Security Bulletins
IBM Security Bulletins
added 2023/12/06 4:17 p.m.48 views

Security Bulletin: Multiple vulnerabilities in go.etcd.io/etcd package affects IBM Watson Machine Learning Accelerator on Cloud Pak for Data

Summary Multiple vulnerabilities in the go.etcd.io/etcd package affects IBM Watson Machine Learning Accelerator on Cloud Pak for Data. These vulnerabilities are fixed. Vulnerability Details CVEID:CVE-2020-7919 DESCRIPTION: Go is vulnerable to a denial of service. By sending a malformed X.509...

8.8CVSS10AI score0.50445EPSS
Exploits16Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/11/13 3:22 p.m.73 views

Security Bulletin: Mutiple Vulnerabilties Affecting Watson Machine Learning Accelerator on Cloud Pak for Data version

Summary IBM Watson Machine Learning Accelerator on Cloud Pak for Data version 2.6.0 is vulnerable to several vulnerabilities coming from dependent compoents. These are addressed. Vulnerability Details CVEID:CVE-2022-29361 DESCRIPTION: Pallets Werkzeug is vulnerable to HTTP request smuggling, caus...

9.8CVSS9.6AI score0.52063EPSS
Exploits14Affected Software1
OSV
OSV
added 2023/04/27 1:15 p.m.4 views

CVE-2023-30444

IBM Watson Machine Learning on Cloud Pak for Data 4.0 and 4.5 is vulnerable to server-side request forgery SSRF. This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 253350...

6.5CVSS6.6AI score0.00404EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2022/01/21 1:34 a.m.102 views

Security Bulletin: IBM Watson Machine Learning Accelerator is vulnerable to denial of service and arbitrary code execution due to Apache Log4j (CVE-2021-45105, CVE-2021-4104, CVE-2021-44228, CVE-2021-45046)

Summary Apache Log4j CVE-2021-45105, CVE-2021-4104, CVE-2021-44228, CVE-2021-45046 is used by IBM Watson Machine Learning Accelerator as part of its logging infrastructure. The fix includes Apache Log4j v2.17.1. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes...

10CVSS2.3AI score0.99999EPSS
Exploits357Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/12/21 3:8 a.m.181 views

Security Bulletin: Vulnerability in Apache Log4j (CVE-2021-44228) impacts IBM Watson Machine Learning Accelerator

Summary Log4j is used by IBM Watson Machine Learning Accelerator for generating logs in some of its components. This bulletin provides mitigations for the Log4j vulnerability CVE-2021-44228 by applying workaround steps to IBM Watson Machine Learning Accelerator. Vulnerability Details Refer to the...

10CVSS0.9AI score0.99999EPSS
Exploits352Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/09/02 6:2 p.m.40 views

Security Bulletin: Multiple TensorFlow Vulnerabilities Affect IBM Watson Machine Learning on CP4D

Summary TensorFlow is vulnerable to a denial of service on IBM Watson Machine Learning on CP4D Vulnerability Details CVEID: CVE-2021-29547 DESCRIPTION: TensorFlow is vulnerable to a denial of service, caused by heap out-of-bounds in QuantizedBatchNormWithGlobalNormalization. By sending a...

7.8CVSS0.8AI score0.0031EPSS
Exploits30Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/07/30 5:2 a.m.39 views

Security Bulletin: Netty Vulnerability Affects IBM Watson Machine Learning on CP4D (CVE-2021-21295)

Summary Netty is vulnerable to HTTP request smuggling, caused by improper validation of Content-Length header by the Http2MultiplexHandler on IBM Watson Machine Learning on CP4D Vulnerability Details CVEID: CVE-2021-21295 DESCRIPTION: Netty is vulnerable to HTTP request smuggling, caused by...

5.9CVSS0.6AI score0.18891EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/05/03 3:5 p.m.24 views

Security Bulletin: Netty security vulnerabilities on IBM Watson Machine Learning Server

Summary Netty is vulnerable to allow HTTP Request Smuggling on IBM Watson Machine Learning Server Vulnerability Details CVEID: CVE-2020-7238 DESCRIPTION: Netty is vulnerable to HTTP request smuggling, caused by a flaw when handling Transfer-Encoding whitespace and a later Content-Length header. B...

7.5CVSS0.1AI score0.03617EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/05/19 5:0 p.m.22 views

Security Bulletin: A security vulnerability has been identified in Bleach shipped with IBM Watson Machine Learning Community Edition (WMLCE)

Summary Multiple vulnerabilities have been found in the Bleach package, which is either built in to or distributed with IBM WMLCE. Vulnerability Details CVEID: CVE-2020-6816 DESCRIPTION: Mozilla Bleach is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by...

6.1CVSS0.6AI score0.01688EPSS
Exploits2Affected Software1
Rows per page
Query Builder