Security Bulletin: Vulnerabilities in pbkdf2 affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.

Summary Potential vulnerabilities in pbkdf2 has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. . The vulnerability have been addressed. Refer to details for additional information...

Security Bulletin: Vulnerability in JsonToBinaryStream() function ( CVE-2024-2410) may affect IBM watsonx Assistant for IBM Cloud Pak for Data

Summary A potential vulnerability CVE-2024-2410 has been identified related to JsonToBinaryStream function that may affect IBM watsonx Assistant for IBM Cloud Pak for Data. This vulnerability have been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2024-24...

CVE-2024-49344 IBM OpenPages session fixation

IBM OpenPages with Watson 8.3 and 9.0 IBM OpenPages with Watson Assistant chat feature enabled the application establishes a session when a user logs in and uses chat, but the chat session is still left active after logout...

CVE-2024-49344

IBM OpenPages with Watson (versions 8.3 and 9.0) is affected by CVE-2024-49344 where a chat session remains active after user logout, enabling a session fixation issue. Affected component: OpenPages with Watson Assistant chat feature; root cause: chat session not terminated on logout. Impact: lim...

Security Bulletin: Vulnerability in Jsonpath-plus affects IBM watsonx Assistant for IBM Cloud Pak for Data

Summary Potential vulnerability in Jsonpath-plus has been identified that affects IBM watsonx Assistant for IBM Cloud Pak for Data. The vulnerability have been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2024-21534 DESCRIPTION: Jsonpath-plus could allow...

Security Bulletin: Vulnerability in http-proxy-middleware affects IBM watsonx Assistant for IBM Cloud Pak for Data

Summary Potential vulnerability in http-proxy-middleware has been identified that affects IBM watsonx Assistant for IBM Cloud Pak for Data. The vulnerability have been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2024-21536 DESCRIPTION:...

Security Bulletin: Vulnerability in OpenSSL affects IBM watsonx Assistant for IBM Cloud Pak for Data

Summary Potential vulnerability in OpenSSL has been identified that affects IBM watsonx Assistant for IBM Cloud Pak for Data. The vulnerability have been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2024-6119 DESCRIPTION: OpenSSL is vulnerable to a denia...

Security Bulletin: Vulnerability in Apache Commons IO affects IBM watsonx Assistant for IBM Cloud Pak for Data

Summary Potential vulnerability in Apache Commons IO has been identified that affects IBM watsonx Assistant for IBM Cloud Pak for Data. The vulnerabilities have been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2024-47554 DESCRIPTION: Uncontrolled Resour...

Security Bulletin: Vulnerability in DOMPurify affects IBM watsonx Assistant for IBM Cloud Pak for Data

Summary Potential vulnerability in DOMPurify has been identified that affects IBM watsonx Assistant for IBM Cloud Pak for Data. The vulnerabilities have been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2024-45801 DESCRIPTION: DOMPurify could allow a...

Security Bulletin: Vulnerability in GraphQL Java affects IBM watsonx Assistant for IBM Cloud Pak for Data

Summary Potential vulnerability in GraphQL Java has been identified that affects IBM watsonx Assistant for IBM Cloud Pak for Data. The vulnerability have been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2024-40094 DESCRIPTION: GraphQL Java aka...

Security Bulletin: Vulnerability in Apache Commons IO affects IBM watsonx Assistant for IBM Cloud Pak for Data

Summary Potential vulnerability in Apache Commons IO has been identified that affects IBM watsonx Assistant for IBM Cloud Pak for Data. The vulnerabilities have been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2024-47554 DESCRIPTION: Uncontrolled Resour...

Security Bulletin: Vulnerability in Protocol Buffers affects IBM watsonx Assistant for IBM Cloud Pak for Data

Summary Potential vulnerability in Protocol Buffers has been identified that affects IBM watsonx Assistant for IBM Cloud Pak for Data. The vulnerability have been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2024-7254 DESCRIPTION: Any project that parses...

Security Bulletin: Vulnerability in REXML affects IBM watsonx Assistant for IBM Cloud Pak for Data

Summary Potential vulnerability in REXML has been identified that affects IBM watsonx Assistant for IBM Cloud Pak for Data. The vulnerability have been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2024-49761 DESCRIPTION: REXML is an XML toolkit for Ruby...

Security Bulletin: Vulnerability in source-map-support affects IBM watsonx Assistant for IBM Cloud Pak for Data

Summary Potential vulnerability in all versions of the package source-map-suppor has been identified that affects IBM watsonx Assistant for IBM Cloud Pak for Data. The vulnerability have been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2024-21540...

Security Bulletin: Vulnerability in Netty affects IBM watsonx Assistant for IBM Cloud Pak for Data

Summary A potential vulnerability in Netty has been identified that affects IBM watsonx Assistant for IBM Cloud Pak for Data. The vulnerability have been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2024-29025 DESCRIPTION: Netty is an asynchronous...

Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to Node.js vulnerabilities [ CVE-2024-27982, CVE-2024-27983]

Summary Potential vulnerabilities in Node.js CVE-2024-27982, CVE-2024-27983 have been identified that could affect IBM Watson Assistant for IBM Cloud Pak for Data. The vulnerability have been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2024-27982...

Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to Mozilla Firefox arbitrary code execution vulnerability [CVE-2024-4367]

Summary Potential Mozilla Firefox arbitrary code execution vulnerability CVE-2024-4367 have been identified that may affect IBM Watson Assistant for IBM Cloud Pak for Data. The vulnerability have been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2024-436...

Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to GNOME libxml2 denial of service vulnerability [ CVE-2024-25062]

Summary Potential GNOME libxml2 denial of service vulnerability CVE-2024-25062 have been identified that could affect IBM Watson Assistant for IBM Cloud Pak for Data. The vulnerability have been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2024-25062...

Security Bulletin: Vulnerability in Python Software Foundation Black ( CVE-2024-21503) may affect IBM watsonx Assistant for IBM Cloud Pak for Data

Summary A potential denial of service vulnerability CVE-2024-21503 has been identified related to Python Software Foundation Black that may affect IBM watsonx Assistant for IBM Cloud Pak for Data. The vulnerability have been addressed. Refer to details for additional information. Vulnerability...

Security Bulletin: Vulnerability in idna  ( CVE-2024-3651) may affect IBM watsonx Assistant for IBM Cloud Pak for Data

Summary A potential denial of service vulnerability CVE-2024-3651 has been identified related to idna that may affect IBM watsonx Assistant for IBM Cloud Pak for Data. This vulnerability have been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2024-3651...