58 matches found
Malicious code in vscode-bazel-bsp (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=-...
MAL-2025-696 Malicious code in vscode-bazel-bsp (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=-...
CBL Mariner 2.0 Security Update: bazel (CVE-2022-3474)
The version of bazel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-3474 advisory. - A bad credential handling in the remote assets API for Bazel versions prior to 5.3.2 and 4.2.3 sends all...
Photon OS 3.0: Bazel PHSA-2023-3.0-0587
An update of the bazel package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-3.0-0587. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
Photon OS 4.0: Bazel PHSA-2023-4.0-0396
An update of the bazel package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-4.0-0396. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
GO-2024-2933 Improper trust check in Bazel Build intellij plugin in github.com/bazelbuild/intellij
Improper trust check in Bazel Build intellij plugin in github.com/bazelbuild/intellij...
CVE-2024-5899
When Bazel Plugin in intellij imports a project either using "import project" or "Auto import" the dialog for trusting the project is not displayed. This comes from the fact that both call the method ProjectBuilder.createProject which then calls ProjectManager.getInstance.createProject. This...
CVE-2024-5899
CVE-2024-5899 affects the Bazel Plugin for IntelliJ, CLion, and Android Studio. The issue arises when importing a Bazel project (via “import project” or “Auto import”): the trust dialog is not shown because both paths route through ProjectBuilder.createProject, which calls ProjectManager.getInsta...
CVE-2024-5899 Improper trust check in Bazel Build intellij plugin
When Bazel Plugin in intellij imports a project either using "import project" or "Auto import" the dialog for trusting the project is not displayed. This comes from the fact that both call the method ProjectBuilder.createProject which then calls ProjectManager.getInstance.createProject. This...
CVE-2024-5899 Improper trust check in Bazel Build intellij plugin
When Bazel Plugin in intellij imports a project either using "import project" or "Auto import" the dialog for trusting the project is not displayed. This comes from the fact that both call the method ProjectBuilder.createProject which then calls ProjectManager.getInstance.createProject. This...
CVE-2024-5899 Improper trust check in Bazel Build intellij plugin
When Bazel Plugin in intellij imports a project either using "import project" or "Auto import" the dialog for trusting the project is not displayed. This comes from the fact that both call the method ProjectBuilder.createProject which then calls ProjectManager.getInstance.createProject. This...
PT-2024-37234
Name of the Vulnerable Software and Affected Versions: Bazel Plugin versions prior to 2024.06.04.0.2 Description: The issue arises when the Bazel Plugin in IntelliJ imports a project, either using "import project" or "Auto import", and the dialog for trusting the project is not displayed. This...
intellij Security Vulnerabilities
intellij is a plugin for the Bazel project. A security vulnerability exists in versions prior to intellij 2024.06.04.0.2, which stems from a dialog box for trusting the project not being displayed...
Important Photon OS Security Update - PHSA-2023-3.0-0587
Updates of 'consul', 'vim', 'bazel' packages of Photon OS have been released...
Moderate Photon OS Security Update - PHSA-2023-4.0-0396
Updates of 'bazel' packages of Photon OS have been released...
SUSE CVE-2022-3474
A bad credential handling in the remote assets API for Bazel versions prior to 5.3.2 and 4.2.3 sends all user-provided credentials instead of only the required ones for the requests. We recommend upgrading to versions later than or equal to 5.3.2 or 4.2.3...
CVE-2022-3474 affecting package bazel for versions less than 5.3.2-1
CVE-2022-3474 affecting package bazel for versions less than 5.3.2-1. An upgraded version of the package is available that resolves this issue...
CVE-2022-3474
...
AZL-11350 CVE-2022-3474 affecting package bazel for versions less than 5.3.2-1
A bad credential handling in the remote assets API for Bazel versions prior to 5.3.2 and 4.2.3 sends all user-provided credentials instead of only the required ones for the requests. We recommend upgrading to versions later than or equal to 5.3.2 or 4.2.3...
CVE-2022-3474
A bad credential handling in the remote assets API for Bazel versions prior to 5.3.2 and 4.2.3 sends all user-provided credentials instead of only the required ones for the requests. We recommend upgrading to versions later than or equal to 5.3.2 or 4.2.3...