Lucene search
K

58 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2025/01/30 4:55 p.m.6 views

Malicious code in vscode-bazel-bsp (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=-...

6.9AI score
Exploits0
OSV
OSV
added 2025/01/30 4:55 p.m.7 views

MAL-2025-696 Malicious code in vscode-bazel-bsp (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=-...

7.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/12/03 12:0 a.m.14 views

CBL Mariner 2.0 Security Update: bazel (CVE-2022-3474)

The version of bazel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-3474 advisory. - A bad credential handling in the remote assets API for Bazel versions prior to 5.3.2 and 4.2.3 sends all...

5.1CVSS6.1AI score0.00213EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/07/24 12:0 a.m.16 views

Photon OS 3.0: Bazel PHSA-2023-3.0-0587

An update of the bazel package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-3.0-0587. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

5.1CVSS5.8AI score0.00213EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/07/23 12:0 a.m.17 views

Photon OS 4.0: Bazel PHSA-2023-4.0-0396

An update of the bazel package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-4.0-0396. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

5.1CVSS5.8AI score0.00213EPSS
Exploits0References2
OSV
OSV
added 2024/06/28 3:28 p.m.32 views

GO-2024-2933 Improper trust check in Bazel Build intellij plugin in github.com/bazelbuild/intellij

Improper trust check in Bazel Build intellij plugin in github.com/bazelbuild/intellij...

3.3CVSS6.5AI score0.00109EPSS
Exploits0References3
NVD
NVD
added 2024/06/18 9:15 a.m.35 views

CVE-2024-5899

When Bazel Plugin in intellij imports a project either using "import project" or "Auto import" the dialog for trusting the project is not displayed. This comes from the fact that both call the method ProjectBuilder.createProject which then calls ProjectManager.getInstance.createProject. This...

3.3CVSS0.00109EPSS
Exploits0References2
CVE
CVE
added 2024/06/18 8:12 a.m.93 views

CVE-2024-5899

CVE-2024-5899 affects the Bazel Plugin for IntelliJ, CLion, and Android Studio. The issue arises when importing a Bazel project (via “import project” or “Auto import”): the trust dialog is not shown because both paths route through ProjectBuilder.createProject, which calls ProjectManager.getInsta...

3.3CVSS6.5AI score0.00109EPSS
Exploits0References2Affected Software3
OSV
OSV
added 2024/06/18 8:12 a.m.7 views

CVE-2024-5899 Improper trust check in Bazel Build intellij plugin

When Bazel Plugin in intellij imports a project either using "import project" or "Auto import" the dialog for trusting the project is not displayed. This comes from the fact that both call the method ProjectBuilder.createProject which then calls ProjectManager.getInstance.createProject. This...

1CVSS6AI score0.00109EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2024/06/18 8:12 a.m.18 views

CVE-2024-5899 Improper trust check in Bazel Build intellij plugin

When Bazel Plugin in intellij imports a project either using "import project" or "Auto import" the dialog for trusting the project is not displayed. This comes from the fact that both call the method ProjectBuilder.createProject which then calls ProjectManager.getInstance.createProject. This...

1CVSS7.1AI score0.00109EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/06/18 8:12 a.m.32 views

CVE-2024-5899 Improper trust check in Bazel Build intellij plugin

When Bazel Plugin in intellij imports a project either using "import project" or "Auto import" the dialog for trusting the project is not displayed. This comes from the fact that both call the method ProjectBuilder.createProject which then calls ProjectManager.getInstance.createProject. This...

1CVSS0.00109EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/06/18 12:0 a.m.12 views

PT-2024-37234

Name of the Vulnerable Software and Affected Versions: Bazel Plugin versions prior to 2024.06.04.0.2 Description: The issue arises when the Bazel Plugin in IntelliJ imports a project, either using "import project" or "Auto import", and the dialog for trusting the project is not displayed. This...

3.3CVSS6.3AI score0.00109EPSS
Exploits0References7
CNNVD
CNNVD
added 2024/06/18 12:0 a.m.18 views

intellij Security Vulnerabilities

intellij is a plugin for the Bazel project. A security vulnerability exists in versions prior to intellij 2024.06.04.0.2, which stems from a dialog box for trusting the project not being displayed...

3.3CVSS6.7AI score0.00109EPSS
Exploits0References3
Photon
Photon
added 2023/05/26 12:0 a.m.33 views

Important Photon OS Security Update - PHSA-2023-3.0-0587

Updates of 'consul', 'vim', 'bazel' packages of Photon OS have been released...

6.1AI score
Exploits0
Photon
Photon
added 2023/05/22 12:0 a.m.25 views

Moderate Photon OS Security Update - PHSA-2023-4.0-0396

Updates of 'bazel' packages of Photon OS have been released...

5.1CVSS7.3AI score0.00213EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2023/02/15 3:31 a.m.3 views

SUSE CVE-2022-3474

A bad credential handling in the remote assets API for Bazel versions prior to 5.3.2 and 4.2.3 sends all user-provided credentials instead of only the required ones for the requests. We recommend upgrading to versions later than or equal to 5.3.2 or 4.2.3...

5.1CVSS5.7AI score0.00213EPSS
Exploits0References3
CBLMariner
CBLMariner
added 2022/11/16 2:27 a.m.32 views

CVE-2022-3474 affecting package bazel for versions less than 5.3.2-1

CVE-2022-3474 affecting package bazel for versions less than 5.3.2-1. An upgraded version of the package is available that resolves this issue...

5.1CVSS5.2AI score0.00213EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2022/10/29 12:0 a.m.6 views

CVE-2022-3474

...

5.1CVSS5.4AI score0.00213EPSS
Exploits0
OSV
OSV
added 2022/10/26 7:15 p.m.6 views

AZL-11350 CVE-2022-3474 affecting package bazel for versions less than 5.3.2-1

A bad credential handling in the remote assets API for Bazel versions prior to 5.3.2 and 4.2.3 sends all user-provided credentials instead of only the required ones for the requests. We recommend upgrading to versions later than or equal to 5.3.2 or 4.2.3...

4.3CVSS5.8AI score0.00213EPSS
Exploits0References1
NVD
NVD
added 2022/10/26 7:15 p.m.10 views

CVE-2022-3474

A bad credential handling in the remote assets API for Bazel versions prior to 5.3.2 and 4.2.3 sends all user-provided credentials instead of only the required ones for the requests. We recommend upgrading to versions later than or equal to 5.3.2 or 4.2.3...

5.1CVSS0.00213EPSS
Exploits0References1
Rows per page
Query Builder