5 matches found
Security Bulletin: A security vulnerability has been identified in SQLite shipped with IBM Watson Machine Learning Community Edition (WMLCE)
Summary Multiple vulnerabilities have been found in the SQLite package, which is either built in to or distributed with IBM WMLCE. Vulnerability Details CVEID: CVE-2020-11656 DESCRIPTION: SQLite could allow a remote attacker to obtain sensitive information, caused by a use-after-free in the ALTER...
Security Bulletin: A security vulnerability has been identified in nanopb shipped with IBM Watson Machine Learning Community Edition (WMLCE)
Summary The vulnerability CVE-2020-5235 was found in the nanopb package, which is either built in to or distributed with IBM WMLCE. Vulnerability Details CVEID: CVE-2020-5235 DESCRIPTION: Nanopb is vulnerable to a denial of service, caused by a out of memory condition. By persuading a victim to...
Security Bulletin: A security vulnerability has been identified in FFMpeg shipped with IBM Watson Machine Learning Community Edition (WMLCE) containers
Summary The following CVEs have been resolved as part of this security update. This only affects container images since this package is not published as part of the WMLCE Conda channel. Vulnerability Details CVEID: CVE-2019-15942 DESCRIPTION: FFmpeg is vulnerable to a denial of service, caused by...
Security Bulletin: A security vulnerability has been identified in Pillow shipped with IBM Watson Machine Learning Community Edition (WMLCE) containers
Summary The vulnerability was found in the Pillow package published as part of the WMLCE container images. This only affects container images since the effected packages are not published as part of the WMLCE Conda channel. Vulnerability Details CVEID: CVE-2020-5313 DESCRIPTION: Python Pillow is...
Security Bulletin: A security vulnerability has been identified in Bleach shipped with IBM Watson Machine Learning Community Edition (WMLCE)
Summary Multiple vulnerabilities have been found in the Bleach package, which is either built in to or distributed with IBM WMLCE. Vulnerability Details CVEID: CVE-2020-6816 DESCRIPTION: Mozilla Bleach is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by...