High Severity
Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a buffer overflow and underflow in GNU C Library (CVE-2021-3999)
April 29, 2022
Categorized: High Severity
Share this post:
IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a buffer overflow and underflow in GNU C Library (CVE-2021-3999). This is included as part of the base-image used in our Speech-to-Text and Text-to-Speech service components. Please see below for details on how to remediate this issue.
CVE(s): CVE-2021-3999
Affected product(s) and affected version(s):
| Affected Product(s) | Version(s) |
| IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data | 4.0.0 – 4.0.7 |
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www.ibm.com/support/pages/node/6578621
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/217981
Security Bulletin: Multiple vulnerabilities in Golang Go affect Cloud Pak System
August 16, 2022 | High Severity
Multiple vulnerabilities in Golang Go affect Cloud Pak System. IBM Cloud Pak System has addressed these vulnerabilities. ...read more
Security Bulletin: Vulnerabilities in Intel Chipset affect IBM Cloud Pak System (CVE-2021-0060, CVE-2021-0147, CVE-2021-33080)
August 16, 2022 | High Severity
Vulnerabilities in Intel Chipset affect IBM Cloud Pak System. IBM Cloud Pak System has addressed these vulnerabilities. ...read more
Security Bulletin: IBM InfoSphere Identity Insight vulnerabilities in third party libraries (CVE-2021-39239, CVE-2022-23308, CVE-2021-29424, CVE-2020-15250, 177835)
August 16, 2022 | High Severity
A vulnerability in the libxml2 library can cause a denial of service in IBM InfoSphere Identity Insight. Other vulnerabilities that do not impact Identity Insight are present in four libraries that are currently included with the product but not used. ...read more