EUVD-2023-2185

Malicious code in bioql PyPI...

EUVD-2022-7292

Malicious code in bioql PyPI...

EUVD-2022-7457

Malicious code in bioql PyPI...

Security Bulletin: Multiple Vulnerabilities in IBM CloudPak for AIOps

Summary Multiple vulnerabilities were addressed in IBM Cloud Pak for AIOps version 4.10.1 Vulnerability Details CVEID:CVE-2025-22233 DESCRIPTION: CVE-2024-38820 ensured Locale-independent, lowercase conversion for both the configured disallowedFields patterns and for request parameter names...

Security Bulletin: Multiple Vulnerabilities in Apache Ivy affect IBM Cloud Pak System

Summary Vulnerabilities found in Apache Ivy affect IBM Cloud Pak SystemCVE-2022-46751, CVE-2022-2765,CVE-2022-37866. Vulnerability Details CVEID:CVE-2022-46751 DESCRIPTION: Apache Ivy could allow a remote attacker to obtain sensitive information, caused by improper handling of XML external entity...

Linux Distros Unpatched Vulnerability : CVE-2022-37866

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When Apache Ivy downloads artifacts from a repository it stores them in the local file system based on a user-supplied pattern that may include placeholders for...

Linux Distros Unpatched Vulnerability : CVE-2022-46751

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper Restriction of XML External Entity Reference, XML Injection aka Blind XPath Injection vulnerability in Apache Software Foundation Apache Ivy.This issue...

ROS-20241203-20

Apache Ivy package manager vulnerability is related to incorrect path name restriction to a directory with a restricted directory. Exploitation of the vulnerability could allow an attacker acting remotely, gain unauthorized access to the file system Apache Ivy package manager vulnerability is...

OPENSUSE-SU-2024:12506-1 apache-ivy-2.5.1-1.1 on GA media

These are all security issues fixed in the apache-ivy-2.5.1-1.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2024:13148-1 apache-ivy-2.5.2-1.1 on GA media

These are all security issues fixed in the apache-ivy-2.5.2-1.1 package on the GA media of openSUSE Tumbleweed...

RHEL 8 : apache-ivy (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - apache-ivy: XML External Entity vulnerability CVE-2022-46751 Note that Nessus has not tested for this issue but has...

RHEL 7 : apache-ivy (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - apache-ivy: Directory Traversal CVE-2022-37865 - Improper Restriction of XML External Entity Reference, X...

Security Bulletin: Multiple Vulnerabilities in IBM Operations Analytics Predictive Insights.

Summary Multiple vulnerabilities were addressed in IBM Operations Analytics Predictive Insights 1.3.6 iFix 8 Vulnerability Details CVEID:CVE-2022-46337 DESCRIPTION: Apache Derby could allow a remote attacker to bypass security restrictions, caused by a LDAP injection vulnerability in authenticato...

The issue with the Apache Ivy package manager, related to an incorrect restriction on the path to the restricted directory, allows a violator to write arbitrary files into the file system.

The vulnerability of the Apache Ivy package manager is related to an incorrect restriction on the path to the restricted catalog. Exploiting this vulnerability could allow a malicious actor to write arbitrary files into the file system...

The vulnerability of the Apache Ivy package manager is related to incorrect restrictions on XML references to external objects. This allows attackers to disclose sensitive information or cause service failures.

The vulnerability of the Apache Ivy package manager is related to an incorrect limitation on XML references to external objects. Exploiting this vulnerability can allow a malicious actor to disclose sensitive information or cause service failures...

The possibility of the Apache Ivy package manager, due to incorrect restrictions on the path name to the restricted directory, allowing unauthorized users to gain unauthorized access to the file system.

The vulnerability of the Apache Ivy package manager is related to an incorrect restriction on the path name to the restricted directory. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to the file system...

Fedora: Security Advisory for xmvn-connector-ivy (FEDORA-2024-129d8ca6fc)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory for apache-ivy (FEDORA-2024-129d8ca6fc)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 40 Update: xmvn-connector-ivy-4.0.0-3.fc40

This package provides XMvn Connector for Apache Ivy, which provides integration of Apache Ivy with XMvn. It provides an adapter which allows XMvn resolver to be used as Ivy resolver...

[SECURITY] Fedora 40 Update: apache-ivy-2.5.2-4.fc40

Apache Ivy is a tool for managing recording, tracking, resolving and reporting project dependencies. It is designed as process agnostic and is not tied to any methodology or structure. while available as a standalone tool, Apache Ivy works particularly well with Apache Ant providing a number of...