Lucene search
K

4 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/06/05 8:14 a.m.7 views

Security Bulletin: IBM watsonx.ai on Cloud Pak for Data is vulnerable to python-Python-3.12.0b4 (Publicly disclosed vulnerability found by Mend) due to python pip package ( CVE-2023-5752, PRISMA-2022-0168)

Summary IBM watsonx.ai on Cloud Pak for Data internally uses CVE-2023-5752 Vulnerability Details CVEID:CVE-2023-5752 DESCRIPTION: When installing a package from a Mercurial VCS URL ie "pip install hg+..." with pip prior to v23.3, the specified Mercurial revision could be used to inject arbitrary...

5.5CVSS6.5AI score0.00476EPSS
Exploits0Affected Software1
OSV
OSV
added 2025/01/12 2:15 a.m.4 views

CVE-2024-49785

IBM watsonx.ai 1.1 through 2.0.3 and IBM watsonx.ai on Cloud Pak for Data 4.8 through 5.0.3 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to...

5.4CVSS5.5AI score0.00215EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/01/12 12:0 a.m.5 views

IBM watsonx.ai 跨站脚本漏洞

IBM watsonx.ai is a library from International Business Machines IBM, Inc. Allows the use of the watsonx.ai service on IBM Cloud and IBM Cloud for Data. A cross-site scripting vulnerability exists in IBM watsonx.ai versions 1.1 through 2.0.3 and IBM watsonx.ai on Cloud Pak for Data versions 4.8...

5.4CVSS6.1AI score0.00215EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/01/12 12:0 a.m.12 views

PT-2025-2861 · Ibm · Cloud Pak For Data +1

Name of the Vulnerable Software and Affected Versions: IBM watsonx.ai versions 1.1 through 2.0.3 IBM watsonx.ai on Cloud Pak for Data versions 4.8 through 5.0.3 Description: This issue allows an authenticated user to embed arbitrary JavaScript code in the Web UI, altering the intended functionali...

5.4CVSS6.2AI score0.00215EPSS
Exploits0References7
Rows per page
Query Builder