7 matches found
Security Bulletin: IBM Watson OpenScale on Cloud Pak for Data is impacted by CVE-2021-3177
Summary IBM Watson OpenScale on Cloud Pak for Data has addressed CVE-2021-3177. Vulnerability Details CVEID: CVE-2021-3177 DESCRIPTION: Python is vulnerable to a buffer overflow, caused by improper bounds checking by the PyCArgrepr function in ctypes/callproc.c. By sending specially-crafted...
Security Bulletin: IBM Watson OpenScale on Cloud Pak for Data is impacted by Vulnerabilities in Node.js
Summary IBM Watson OpenScale on Cloud Pak for Data has addressed CVE-2021-23337, CVE-2021-23327, CVE-2021-23334, CVE-2021-27191, CVE-2021-23335. Vulnerability Details CVEID: CVE-2021-23337 DESCRIPTION: Node.js lodash module could allow a remote authenticated attacker to execute arbitrary commands...
Security Bulletin: IBM Watson OpenScale on Cloud Pak for Data is Impacted by Multiple Vulnerabilities
Summary IBM Watson OpenScale on Cloud Pak for Data has addressed Node.js npm-registry-fetch, npm CLI module vulnerabilities. Vulnerability Details Third Party Entry: 184667 DESCRIPTION: Node.js npm-registry-fetch module information disclosure CVSS Base score: 7.5 CVSS Temporal Score: See:...
Security Bulletin: IBM Watson OpenScale on Cloud Pak for Data is impacted by CVE-2020-25659
Summary IBM Watson OpenScale on Cloud Pak for Data has addressed CVE-2020-25659. Vulnerability Details CVEID: CVE-2020-25659 DESCRIPTION: python-cryptography could allow a remote attacker to obtain sensitive information, caused by a Bleichenbacher timing attack. By sending a specially-crafted...
Security Bulletin: IBM Watson OpenScale on Cloud Pak for Data is impacted by CVE-2020-8277
Summary IBM Watson OpenScale on Cloud Pak for Data has addressed CVE-2020-8277. Vulnerability Details CVEID: CVE-2020-8277 DESCRIPTION: Node.js is vulnerable to a denial of service. By getting the application to resolve a DNS record with a larger number of responses, an attacker could exploit thi...
Security Bulletin: IBM Watson OpenScale on Cloud Pak for Data is impacted by CVE-2020-26116
Summary IBM Watson OpenScale on Cloud Pak for Data has addressed CVE-2020-26116. Vulnerability Details CVEID: CVE-2020-26116 DESCRIPTION: Python is vulnerable to CRLF injection, caused by improper validation of user-supplied input in http.client. By inserting CR and LF control characters in the...
Security Bulletin: IBM Watson OpenScale on Cloud Pak for Data is impacted by CVE-2020-14422
Summary IBM Watson OpenScale on Cloud Pak for Data has addressed CVE-2020-14422 Vulnerability Details CVEID: CVE-2020-14422 DESCRIPTION: Python is vulnerable to a denial of service, caused by improper computing hash values in the IPv4Interface and IPv6Interface classes in Lib/ipaddress.py. By...