3 matches found
CVE-2025-0504
Black Duck SCA versions prior to 2025.10.0 had user role permissions configured in an overly broad manner. Users with the scoped Project Manager user role with the Global User Read access permission enabled access to certain Project Administrator functionalities which should have be inaccessible...
Black Duck SCA 安全漏洞
Black Duck SCA is a software composition analysis tool from Black Duck USA. A security vulnerability exists in Black Duck SCA versions prior to 2025.10.0 that stems from an overly broad configuration of user role permissions, which could lead to unauthorized project configuration changes or acces...
SUSE CVE-2025-0504
Black Duck SCA versions prior to 2025.10.0 had user role permissions configured in an overly broad manner. Users with the scoped Project Manager user role with the Global User Read access permission enabled access to certain Project Administrator functionalities which should have be inaccessible...