Lucene search
K

949 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 8:7 a.m.14 views

CVE-2024-45036

Tophat is a mobile applications testing harness. An Improper Access Control vulnerability can expose the TOPHATAPPTOKEN token stored in /.tophatrc through use of a malicious Tophat URL controlled by the attacker. The vulnerability allows Tophat to send this token to the attacker's server without...

4.3CVSS6.7AI score0.00268EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 7:33 a.m.7 views

CVE-2024-7057

An information disclosure vulnerability in GitLab CE/EE affecting all versions starting from 16.7 prior to 17.0.5, starting from 17.1 prior to 17.1.3, and starting from 17.2 prior to 17.2.1 where job artifacts can be inappropriately exposed to users lacking the proper authorization level...

4.3CVSS6AI score0.00372EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:54 a.m.6 views

CVE-2023-33959

notation is a CLI tool to sign and verify OCI artifacts and container images. An attacker who has compromised a registry can cause users to verify the wrong artifact. The problem has been fixed in the release v1.0.0-rc.6. Users should upgrade their notation-go library to v1.0.0-rc.6 or above. Use...

8.8CVSS8.5AI score0.00354EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:50 a.m.3 views

CVE-2023-0121

A denial of service issue was discovered in GitLab CE/EE affecting all versions starting from 13.2.4 before 15.10.8, all versions starting from 15.11 before 15.11.7, all versions starting from 16.0 before 16.0.2 which allows an attacker to cause high resource consumption using malicious test repo...

7.5CVSS6.7AI score0.01243EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:7 p.m.8 views

CVE-2022-41233

Jenkins Rundeck Plugin 3.6.11 and earlier does not perform Run/Artifacts permission checks in multiple HTTP endpoints, allowing attackers with Item/Read permission to obtain information about build artifacts of a given job, if the optional Run/Artifacts permission is enabled...

4.3CVSS6.2AI score0.00516EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:10 p.m.5 views

CVE-2022-3759

An issue has been discovered in GitLab CE/EE affecting all versions starting from 14.3 before 15.6.7, all versions starting from 15.7 before 15.7.6, all versions starting from 15.8 before 15.8.1. An attacker may upload a crafted CI job artifact zip file in a project that uses dynamic child...

7.5CVSS6.5AI score0.01216EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 9:21 p.m.9 views

CVE-2021-41394

Teleport before 4.4.11, 5.x before 5.2.4, 6.x before 6.2.12, and 7.x before 7.1.1 allows alteration of build artifacts in some situations...

5.3CVSS6.9AI score0.01175EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 4:12 p.m.29 views

CVE-2020-2214

Jenkins ZAP Pipeline Plugin 1.9 and earlier programmatically disables Content-Security-Policy protection for user-generated content in workspaces, archived artifacts, etc. that Jenkins offers for download...

5.4CVSS6.8AI score0.00735EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 3:25 p.m.8 views

CVE-2020-27629

In JetBrains TeamCity before 2020.1.5, secure dependency parameters could be not masked in depending builds when there are no internal artifacts...

5.3CVSS6.9AI score0.00921EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 10:26 a.m.8 views

CVE-2019-10248

Eclipse Vorto versions prior to 0.11 resolved Maven build artifacts for the Xtext project over HTTP instead of HTTPS. Any of these dependent artifacts could have been maliciously compromised by a MITM attack. Hence produced build artifacts of Vorto might be infected...

8.1CVSS6.9AI score0.00434EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:25 a.m.11 views

CVE-2019-10103

JetBrains IntelliJ IDEA projects created using the Kotlin JS Client/JVM Server IDE Template were resolving Gradle artifacts using an http connection, potentially allowing an MITM attack. This issue, which was fixed in Kotlin plugin version 1.3.30, is similar to CVE-2019-10101...

8.1CVSS6.4AI score0.0162EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:24 a.m.9 views

CVE-2019-10753

In all versions prior to version 3.9.6 for eclipse-wtp, all versions prior to version 9.4.4 for eclipse-cdt, and all versions prior to version 3.0.1 for eclipse-groovy, Spotless was resolving dependencies over an insecure channel http. If the build occurred over an insecure connection, a maliciou...

5.9CVSS6.8AI score0.00724EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:14 a.m.11 views

CVE-2019-10240

Eclipse hawkBit versions prior to 0.3.0M2 resolved Maven build artifacts for the Vaadin based UI over HTTP instead of HTTPS. Any of these dependent artifacts could have been maliciously compromised by a MITM attack. Hence produced build artifacts of hawkBit might be infected...

8.1CVSS6.9AI score0.00435EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:53 a.m.9 views

CVE-2017-1000105

The optional Run/Artifacts permission can be enabled by setting a Java system property. Blue Ocean did not check this permission before providing access to archived artifacts, Item/Read permission was sufficient...

5.3CVSS6.8AI score0.00897EPSS
Exploits0References1
AlmaLinux
AlmaLinux
added 2025/05/19 12:0 a.m.38 views

Important: osbuild-composer security update

A service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Besides building images for local usage, it can also upload images directly to cloud. It is compatible with composer-cli and cockpit-composer clients. Security Fixes:...

7.5CVSS7.1AI score0.00693EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2025/05/13 1:57 p.m.19 views

Important: Red Hat Security Advisory: osbuild-composer security update

An update for osbuild-composer is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabili...

7.5CVSS6.8AI score0.00693EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2025/05/06 4:43 p.m.36 views

Important: Red Hat Security Advisory: osbuild-composer security update

An update for osbuild-composer is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity ratin...

7.5CVSS6.8AI score0.00693EPSS
Exploits0References2
Citrix
Citrix
added 2025/05/06 12:0 a.m.21 views

Black artifacts on published apps once they resize the window or plugout -plug in external monitors

Black artifacts appear within published applications...

7.1AI score
Exploits0
Citrix
Citrix
added 2025/04/28 12:0 a.m.9 views

Black area's when launching Horizon app on VDA 2402 CU1

After upgrading our VDA to 2402 cu1 we are presented with black artifacts on launch of Horizon app...

7.1AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/04/17 10:57 p.m.20 views

CVE-2025-32784

conda-forge-webservices is the web app deployed to run conda-forge admin commands and linting. In versions prior to 2025.4.10, a race condition vulnerability has been identified in the conda-forge-webservices component used within the shared build infrastructure. This vulnerability, categorized a...

7.5CVSS7AI score0.00231EPSS
Exploits0References1
Rows per page
Query Builder