Security Bulletin: Multiple Vulnerabilities in IBM watsonx Code Assistant On Prem

Summary Multiple vulnerabilities were addressed in IBM watsonx Code Assistant On Prem V5.3.1 Vulnerability Details CVEID:CVE-2026-1525 DESCRIPTION: Undici allows duplicate HTTP Content-Length headers when they are provided in an array with case-variant names e.g., Content-Length and content-lengt...

Security Bulletin: Due to use of the sha.js library, IBM watsonx Code Assistant IDE Extensions is affected by Improper Input Validation vulnerability

Summary Sha.js is used internally by IBM watsonx Code Assistant IDE Extensions CVE-2025-9288 Vulnerability Details CVEID:CVE-2025-9288 DESCRIPTION: Improper Input Validation vulnerability in sha.js allows Input Data Manipulation.This issue affects sha.js: through 2.4.11. CWE:CWE-20: Improper Inpu...

Security Bulletin: Multiple Vulnerabilities in IBM watsonx Code Assistant On Prem

Summary Multiple vulnerabilities were addressed in IBM watsonx Code Assistant On Prem V5.1.3 Vulnerability Details CVEID:CVE-2025-3136 DESCRIPTION: A vulnerability, which was classified as problematic, has been found in PyTorch 2.6.0. This issue affects the function...

Security Bulletin: There is a vulnerability in Python wheel package for the setuptools library affecting watsonx Code Assistant On Prem Extensions

Summary There is a vulnerablity in the Python wheel package for the setuptools library affecting watsonx Code Assistant On Prem Extensions. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-6345 DESCRIPTION: pypa/setuptools could allow...

Security Bulletin: There is a vulnerability in wheel package for urllib3 library affecting watsonx Code Assistant On Prem Extensions

Summary There is a vulnerablity in the wheel package for urllib3 library affecting watsonx Code Assistant On Prem Extensions. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-37891 DESCRIPTION: urllib3 could allow a remote authenticat...

Security Bulletin: There is a vulnerability in Findings in glib2 library affecting watsonx Code Assistant On Prem Extensions

Summary There is a vulnerablity in the Findings in glib2 library affecting watsonx Code Assistant On Prem Extensions. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2023-32636 DESCRIPTION: GNOME GLib is vulnerable to a denial of service,...

Security Bulletin: There is a vulnerability in Python wheel package for the Werkzeug library affecting watsonx Code Assistant On Prem Extensions

Summary There is a vulnerablity in the Python wheel package for the Werkzeug library affecting watsonx Code Assistant On Prem Extensions. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-49766 DESCRIPTION: Werkzeug is a Web Server...

Security Bulletin: There is a vulnerability in Python wheel package for the aiohttp library affecting watsonx Code Assistant On Prem Extensions

Summary There is a vulnerablity in the Python wheel package for the aiohttp library affecting watsonx Code Assistant On Prem Extensions. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-52304 DESCRIPTION: aiohttp could allow a remote...

Security Bulletin: There is a vulnerability in Python wheel package for the Hugging Face Transformers library affecting watsonx Code Assistant On Prem Extensions

Summary There is a vulnerablity in the Python wheel package for the Hugging Face Transformers library affecting watsonx Code Assistant On Prem Extensions. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-11394 DESCRIPTION: Hugging Fac...

Security Bulletin: There is a vulnerability in the wheel package for the Virtualenv library affecting watsonx Code Assistant On Prem Extensions

Summary There is a vulnerablity in the wheel package for the Virtualenv library affecting watsonx Code Assistant On Prem Extensions. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-53899 DESCRIPTION: virtualenv before 20.26.6 allows...

Security Bulletin: There is a vulnerability in the wheel package for Jinja2 affecting watsonx Code Assistant On Prem Extensions

Summary There is a vulnerablity in the wheel package for Jinja2 affecting watsonx Code Assistant On Prem Extensions. This bulletin identifies the steps to take to address the vulnerabilities Vulnerability Details CVEID:CVE-2024-56326 DESCRIPTION: Jinja is an extensible templating engine. Prior to...