206 matches found
Security Bulletin: Vulnerabilities in netplex JSON Smart affect watsonx.data
Summary Netplex JSON Smart is vulnerable to a denial of service, caused by either a flaw in the indexOf function of JSONParserByteArray or by not limiting the nesting of arrays or objects. This can affect watsonx.data. Vulnerability Details CVEID:CVE-2021-31684 DESCRIPTION: netplex JSON Smart is...
Security Bulletin: Vulnerability in Guava affects IBM watsonx.data
Summary Guava could allow a remote authenticated attacker to bypass security restrictions, caused by a temp directory creation vulnerability in com.google.common.io.Files.createTempDir. By sending a specially-crafted request, an attacker could exploit this vulnerability to bypass access...
Security Bulletin: Vulnerablity in Okio GzipSource affects watsonx.data
Summary Okio GzipSource is vulnerable to a denial of service, caused by unhandled exception. This can affect watsonx.data. Vulnerability Details CVEID:CVE-2023-3635 DESCRIPTION: Okio GzipSource is vulnerable to a denial of service, caused by unhandled exception. By sending a specially crafted gzi...
Security Bulletin: Vulnerability in pytest-dev py affects IBM watsonx.data
Summary pytest-dev py is vulnerable to a denial of service, caused by a regular expression denial of service ReDoS flaw by the InfoSvnCommand argument. By sending a specially-crafted regex info data, a remote attacker could exploit this vulnerability to cause a denial of service condition. This c...
Security Bulletin: Vulnerability in Apache Solr affects IBM watsonx.data
Summary Apache Solr could allow a remote attacker to bypass security restrictions, caused by improper access control by the Configsets API. The checks in place to prevent such features can be circumvented by using a combination of UPLOAD/CREATE actions. This vulnerability can be exploited when...
Security Bulletin: Vulnerability in Google Guava affects IBM watsonx.data
Summary Google Guava could allow a local authenticated attacker to obtain sensitive information, caused by a flaw with using Java's default temporary directory for file creation in FileBackedOutputStream. By sending a specially crafted request, an attacker could exploit this vulnerability to acce...
Security Bulletin: Vulnerabilities in Protobuf-java affect IBM watsonx.data
Summary Protobuf-java core and lite are vulnerable to denial of service attacks which can affect watsonx.data. Vulnerability Details CVEID:CVE-2022-3171 DESCRIPTION: protobuf-java core and lite are vulnerable to a denial of service, caused by a flaw in the parsing procedure for binary and text...
Security Bulletin: Vulnerability in Protobuf-core affects IBM watsonx.data
Summary Protobuf-java core and lite are vulnerable to a denial of service, caused by a flaw in the parsing procedure for Message-Type Extensions. By sending non-repeated embedded messages with repeated or unknown fields, a remote authenticated attacker could exploit this vulnerability to cause lo...
Security Bulletin: Vulnerabilities in Netty affect watsonx.data
Summary Netty has multiple vulnerabilities such as HTTP request smuggling, weaker than expected security, and denial of service attacks. These can affect watsonx.data. Vulnerability Details CVEID:CVE-2019-20444 DESCRIPTION: Netty is vulnerable to HTTP request smuggling, caused by a flaw in the...
Security Bulletin: Vulnerability in Async Http Client affects IBM watsonx.data
Summary Async Http Client aka async-http-client could allow a remote attacker to bypass security restrictions, caused by the failure to parse the fragment identifier of the URL when handling '?' character. By using a specially-crafted URL with '?' character, an attacker could exploit this...
Security Bulletin: Vulnerability in Node.js affects IBM watsonx.data
Summary Node.js follow-redirects module could allow a remote authenticated attacker to obtain sensitive information, caused by the leakage of credentials when clearing authorization header during cross-domain redirect, but keeping the proxy-authentication header. An attacker could exploit this...
Security Bulletin: Vulnerabilities in Jettison affect IBM watsonx.data
Summary Jettison is vulerable to denial of service attacks. This can affect watsonx.data. Vulnerability Details CVEID:CVE-2022-40150 DESCRIPTION: jettison-json Jettison is vulnerable to a denial of service, caused by an out of memory flaw. By sending a specially-crafted XML or JSON data, a remote...
Security Bulletin: Vulnerability in PyArrow Affects IBM watsonx.data
Summary PyArrow could allow a remote authenticated attacker to execute arbitrary code on the system. This can affect IBM watsonx.data Vulnerability Details CVEID:CVE-2023-47248 DESCRIPTION: PyArrow could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an...
Security Bulletin: Vulnerability in Oracle MySQL Connectors Affects IBM watsonx.data
Summary An unspecified vulnerability in Oracle MySQL Connectors related to the Connector/J component could allow a remote attacker to cause high confidentiality, integrity and availability impacts. This can affect IBM watsonx.data. Vulnerability Details CVEID:CVE-2023-22102 DESCRIPTION: An...
Security Bulletin: Vulnerabilityies in Google Guava affect IBM watsonx.data
Summary Google Guava has vulnerabilities that could allow a local authenticated attacker to obtain sensitive information, allow a remote authenticated attacker to bypass security restrictions and be vulnerable to demial of service attacks. This can affect watsonx.data. Vulnerability Details...
Security Bulletin: Vulnerabilities in Netty affect IBM watsonx.data
Summary Netty is vulnerable to a denial of service attcaks and could allow a local authenticated attacker to obtain sensitive information. This can affect watsonx.data. Vulnerability Details CVEID:CVE-2023-34462 DESCRIPTION: Netty is vulnerable to a denial of service, caused by a flaw with...
Security Bulletin: Vulnerabilities in Apache ZooKeeper affect IBM watsonx.data
Summary Apache ZooKeeper could allow a remote authenticated attacker to obtain sensitive information or allow a remote attacker to bypass security restrictions. These can affect IBM watsonx.data. Vulnerability Details CVEID:CVE-2024-23944 DESCRIPTION: Apache ZooKeeper could allow a remote...
Security Bulletin: Vulnerability in Apache Tomcat affects IBM watsonx.data
Summary Apache Tomcat is vulnerable to a denial of service, caused by a flaw when processing an HTTP/2 stream. By sending specially crafted HTTP headers, a remote attacker could exploit this vulnerability to cause a denial of service condition. This can affect watsonx.data. Vulnerability Details...
Security Bulletin: Vulnerability in dnsjava affects IBM watsonx.data
Summary dnsjava could allow a remote attacker to bypass security restrictions, caused by improper response validation. By sending a specially crafted request, an attacker could exploit this vulnerability to perform DNSSEC bypass. This may affect watsonx.data. Vulnerability Details...
Security Bulletin: Vulnerability in Gorilla Web Toolkit affects IBM watsonx.data
Summary Gorilla web toolkit schema is vulnerable to a denial of service, caused by a memory exhaustion flaw due to sparse slice deserialization. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition. This can affect...