High Severity

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a buffer overflow and underflow in GNU C Library (CVE-2021-3999)

Share this post:

IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a buffer overflow and underflow in GNU C Library (CVE-2021-3999). This is included as part of the base-image used in our Speech-to-Text and Text-to-Speech service components. Please see below for details on how to remediate this issue.

CVE(s): CVE-2021-3999

Affected product(s) and affected version(s):

 

Affected Product(s) Version(s)
IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data 4.0.0 – 4.0.7

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6578621
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/217981

More stories

Security Bulletin: Multiple vulnerabilities in Golang Go affect Cloud Pak System

August 16, 2022 | High Severity

Multiple vulnerabilities in Golang Go affect Cloud Pak System. IBM Cloud Pak System has addressed these vulnerabilities. ...read more


Security Bulletin: Vulnerabilities in Intel Chipset affect IBM Cloud Pak System (CVE-2021-0060, CVE-2021-0147, CVE-2021-33080)

August 16, 2022 | High Severity

Vulnerabilities in Intel Chipset affect IBM Cloud Pak System. IBM Cloud Pak System has addressed these vulnerabilities. ...read more


Security Bulletin: IBM InfoSphere Identity Insight vulnerabilities in third party libraries (CVE-2021-39239, CVE-2022-23308, CVE-2021-29424, CVE-2020-15250, 177835)

August 16, 2022 | High Severity

A vulnerability in the libxml2 library can cause a denial of service in IBM InfoSphere Identity Insight. Other vulnerabilities that do not impact Identity Insight are present in four libraries that are currently included with the product but not used. ...read more