206 matches found
Security Bulletin: Vulnerability in snappy-java affects watsonx.data
Summary snappy-java is vulnerable to denial of service attacks, which could affect watsonx.data. Vulnerability Details CVEID:CVE-2023-34453 DESCRIPTION: snappy-java is vulnerable to a denial of service, caused by an integer overflow in the shuffle function. By sending a specially crafted request,...
Security Bulletin: Vulnerability in expressjs serve-static affects watsonx.data
Summary expressjs serve-static is vulnerable to cross-site scripting, and this could affect watsonx.data. Vulnerability Details CVEID:CVE-2024-43800 DESCRIPTION: expressjs serve-static is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker...
Security Bulletin: Vulnerability in VMware Tanzu Spring Security affects watsonx.data
Summary VMware Tanzu Spring Security could allow a remote attacker to obtain sensitive information, which could affect watsonx.data. Vulnerability Details CVEID:CVE-2024-38810 DESCRIPTION: VMware Tanzu Spring Security could allow a remote attacker to obtain sensitive information, caused by missin...
Security Bulletin: Vulnerability in Psf Requests affects watsonx.data
Summary Psf Requests is vulnerable to bypass security restrictions, which could affect watsonx.data. Vulnerability Details CVEID:CVE-2024-35195 DESCRIPTION: Psf Requests could allow a local authenticated attacker to bypass security restrictions, caused by an incorrect control flow implementation...
Security Bulletin: Vulnerabilities in jQuery affect watsonx.data
Summary jQuery is vulnerable to cross site scripting attacks and to untrusted code execution attacks. These could affect watsonx.data. Vulnerability Details CVEID:CVE-2015-9251 DESCRIPTION: jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remot...
Security Bulletin: Vulnerabiity in Async Http Client affects watsonx.data
Summary Async Http Client aka async-http-client could allow a remote attacker to bypass security restrictions. This could affect watsonx.data. Vulnerability Details CVEID:CVE-2017-14063 DESCRIPTION: Async Http Client aka async-http-client could allow a remote attacker to bypass security...
Security Bulletin: Vulnerability in zipp affects watsonx.data
Summary zipp is vulnerable to a denial of service attack, which could affect watsonx.data. Vulnerability Details CVEID:CVE-2024-5569 DESCRIPTION: zipp is vulnerable to a denial of service, caused by an infinite loop flaw in the Path module. By using a specially crafted zip file, a local attacker...
Security Bulletin: Vulnerabilities in zlib can affect watsonx.data
Summary zlib is vulnerable to denial of service attacks. This can affect watsonx.data. Vulnerability Details CVEID:CVE-2016-9842 DESCRIPTION: zlib is vulnerable to a denial of service, caused by an undefined left shift of negative number. By persuading a victim to open a specially crafted documen...
Security Bulletin: Vulnerability in Python affects IBM watsonx.data
Summary Requests have been leaking Proxy-Authorization headers to destination servers when redirected to an HTTPS endpoint. This is a product of how we use rebuildproxies to reattach the Proxy-Authorization header to requests. For HTTP connections sent through the tunnel, the proxy will identify...
Security Bulletin: Vulnerabilities in gRPC affect watsonx.data
Summary gRPC is vulnerable to a denial of service attack as well as possibly allowing a remote attack to obtain sensitive information. This can affect watsonx.data. Vulnerability Details CVEID:CVE-2023-1428 DESCRIPTION: gRPC is vulnerable to a denial of service. By sending a specially crafted...
Security Bulletin: Vulnerabilities in Google Protocol Buffers affect IBM watsonx.data
Summary Google Protocol Buffers and protobuf-java core and lite have multiple vulnerabilities that can affect watsonx.data. These vulnerablities include denail of service attacks and remote code executions, Vulnerability Details CVEID:CVE-2015-5237 DESCRIPTION: Google Protocol Buffers could allow...
Security Bulletin: Vulnerabilities in Netty affect IBM watsonx.data
Summary Netty is vulnerable to HTTP request smuggling and weaker than expected security. These can affect watsonx.data. Vulnerability Details CVEID:CVE-2019-20444 DESCRIPTION: Netty is vulnerable to HTTP request smuggling, caused by a flaw in the HttpObjectDecoder.java. By sending a...
Security Bulletin: Vulnerabilities in FasterXML jackson-databind and other packages affect IBM watsonx.data
Summary FasterXML jackson-databind, multiple Huawei products, multiple Oracle products, Guava, Google Protocol Buffers, protobuf-core, Netty, JetBrains Kotlin, netplex JSON Smart, Jettison, Eclipse Jetty, SnakeYaml and Perl have vulnerabilities that can affect watsonx.data. Vulnerability Details...
Security Bulletin: Vulnerability in Okio GzipSource affects watsonx.data
Summary Okio GzipSource is vulnerable to a denial of service, caused by unhandled exception. This can affect watsonx.data. Vulnerability Details CVEID:CVE-2023-3635 DESCRIPTION: Okio GzipSource is vulnerable to a denial of service, caused by unhandled exception. By sending a specially crafted gzi...
Security Bulletin: Vulnerability in Jettison affects IBM watsonx.data
Summary Jettison is vulnerable to a denial of service, caused by an infinite recursion when constructing a JSONArray from a Collection that contains a self-reference in one of its elements. A remote attacker could exploit this vulnerability to cause a denial of service. This can affect...
Security Bulletin: Vulnerabilities in Logback, Guava and Apache HTTPClient affect IBM watsonx.data
Summary Logback, Guava and Apache HTTPClient have vulnerabilties that can affect watsonx.data. These vulnerabilities include remote attacks to bypass security restrictions and remote authenticated attacker to execute arbitrary code on the system. Vulnerability Details CVEID:CVE-2021-42550...
Security Bulletin: Vulnerability in Eclipse Jetty affects IBM watsonx.data
Summary Eclipse Jetty is vulnerable to a denial of service, caused by an integer overflow and buffer allocation in MetaDataBuilder.checkSize. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition. This can affect...
Security Bulletin: Vulnerabilities in Protobuf-java affect IBM watsonx.data
Summary Protobuf-java core and lite are vulnerable to a denial of service attacks which can affect watsonx.data. Vulnerability Details CVEID:CVE-2022-3171 DESCRIPTION: protobuf-java core and lite are vulnerable to a denial of service, caused by a flaw in the parsing procedure for binary and text...
Security Bulletin: Vulnerability in RabbitMQ Java Client affects IBM watsonx.data
Summary RabbitMQ Java Client is vulnerable to a denial of service, caused by no message size limit in maxBodyLebgth. By sending a specially crafted message, a remote attacker could exploit this vulnerability to cause a memory overflow, and results in a denial of service condition. This can affect...
Security Bulletin: Vulnerability in Async Http Client affects IBM watsonx.data
Summary Async Http Client aka async-http-client could allow a remote attacker to bypass security restrictions, caused by the failure to parse the fragment identifier of the URL when handling '?' character. By using a specially-crafted URL with '?' character, an attacker could exploit this...