4 matches found
Security Bulletin: IBM watsonx.ai on Cloud Pak for Data is vulnerable to python-Python-3.12.0b4 (Publicly disclosed vulnerability found by Mend) due to python pip package ( CVE-2023-5752, PRISMA-2022-0168)
Summary IBM watsonx.ai on Cloud Pak for Data internally uses CVE-2023-5752 Vulnerability Details CVEID:CVE-2023-5752 DESCRIPTION: When installing a package from a Mercurial VCS URL ie "pip install hg+..." with pip prior to v23.3, the specified Mercurial revision could be used to inject arbitrary...
CVE-2024-49785
IBM watsonx.ai 1.1 through 2.0.3 and IBM watsonx.ai on Cloud Pak for Data 4.8 through 5.0.3 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to...
IBM watsonx.ai 跨站脚本漏洞
IBM watsonx.ai is a library from International Business Machines IBM, Inc. Allows the use of the watsonx.ai service on IBM Cloud and IBM Cloud for Data. A cross-site scripting vulnerability exists in IBM watsonx.ai versions 1.1 through 2.0.3 and IBM watsonx.ai on Cloud Pak for Data versions 4.8...
PT-2025-2861 · Ibm · Cloud Pak For Data +1
Name of the Vulnerable Software and Affected Versions: IBM watsonx.ai versions 1.1 through 2.0.3 IBM watsonx.ai on Cloud Pak for Data versions 4.8 through 5.0.3 Description: This issue allows an authenticated user to embed arbitrary JavaScript code in the Web UI, altering the intended functionali...