TencentOS Server 4: bazel (TSSA-2024:1055)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:1055 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

Design/Logic Flaw

A bad credential handling in the remote assets API for Bazel versions prior to 5.3.2 and 4.2.3 sends all user-provided credentials instead of only the required ones for the requests. We recommend upgrading to versions later than or equal to 5.3.2 or 4.2.3...

CVE-2022-3474

A bad credential handling in the remote assets API for Bazel versions prior to 5.3.2 and 4.2.3 sends all user-provided credentials instead of only the required ones for the requests. We recommend upgrading to versions later than or equal to 5.3.2 or 4.2.3...

PT-2022-22308 · Google · Bazel

Name of the Vulnerable Software and Affected Versions: Bazel versions prior to 5.3.2 Bazel versions prior to 4.2.3 Description: A bad credential handling in the remote assets API sends all user-provided credentials instead of only the required ones for the requests. Recommendations: For Bazel...