CVE-2026-50267

Steeltoe is an open source project that provides a collection of libraries that helps users build cloud-native applications. In Steeltoe.Configuration.Abstractions 4.0.0 through 4.1.0, when MySQL or PostgreSQL service bindings from VCAPSERVICES include TLS client credentials, the Connectors libra...

CVE-2026-50267

CVE-2026-50267 affects Steeltoe Configuration Abstractions (versions 4.0.0–4.1.0). When MySQL/PostgreSQL service bindings from VCAP_SERVICES include TLS client credentials, the Connectors library writes these credentials to temporary files in Path.GetTempPath() via File.CreateText. On Linux, crea...

HCL BigFix IVR 安全漏洞

HCL BigFix IVR is a vulnerability fixing tool from HCL India. A security vulnerability exists in HCL BigFix IVR version 4.2, which stems from improperly configured service bindings for internal service components, which could result in compromised service availability...

Authorization

In SAP HANA Extended Application Services, 1.0, a controller user who has SpaceAuditor authorization in a specific space could retrieve sensitive application data like service bindings within that space...

CVE-2018-2374

In SAP HANA Extended Application Services, 1.0, a controller user who has SpaceAuditor authorization in a specific space could retrieve sensitive application data like service bindings within that space...

PT-2018-15507 · Sap · Sap Hana Extended Application Services

Name of the Vulnerable Software and Affected Versions: SAP HANA Extended Application Services version 1.0 Description: A controller user with SpaceAuditor authorization in a specific space could retrieve sensitive application data, such as service bindings, within that space. Recommendations: For...