Total
6 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-36183 | 1 Ibm | 1 Watsonx.data | 2026-02-20 | N/A | 3.8 LOW |
|
IBM watsonx.data 2.2 through 2.2.1 IBM Lakehouse could allow a privileged user to upload malicious files that could be executed server to modify limited files or data.
|
|||||
| CVE-2025-36140 | 1 Ibm | 1 Watsonx.data | 2025-12-10 | N/A | 6.5 MEDIUM |
|
IBM watsonx.data 2.2 through 2.2.1 could allow an authenticated user to cause a denial of service through ingestion pods due to improper allocation of resources without limits.
|
|||||
| CVE-2025-36144 | 1 Ibm | 1 Watsonx.data | 2025-10-03 | N/A | 3.3 LOW |
|
IBM Lakehouse (watsonx.data 2.2) stores potentially sensitive information in log files that could be read by a local user.
|
|||||
| CVE-2025-36139 | 1 Ibm | 1 Watsonx.data | 2025-09-25 | N/A | 5.5 MEDIUM |
|
IBM Lakehouse (watsonx.data 2.2) is vulnerable to stored cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
|
|||||
| CVE-2025-36146 | 1 Ibm | 1 Watsonx.data | 2025-09-25 | N/A | 4.3 MEDIUM |
|
IBM Lakehouse (watsonx.data 2.2) could allow an authenticated user to obtain sensitive server component version information which could aid in further attacks against the system.
|
|||||
| CVE-2025-36143 | 1 Ibm | 1 Watsonx.data | 2025-09-25 | N/A | 4.7 MEDIUM |
|
IBM Lakehouse (watsonx.data 2.2) could allow an authenticated privileged user to execute arbitrary commands on the system due to improper validation of user supplied input.
|
|||||