3 matches found
Security Update for Microsoft Visual Studio Code Concourse CI Pipeline Editor Extension (CVE-2022-31691)
The Microsoft Visual Studio Code Concourse CI Pipeline Editor Extension is version 1.39.0 or below. It is, therefore, affected by a remote code execution vulnerability. The extension uses the Snakeyaml library for YAML editing support. This library allows for some special syntax in the YAML that...
CVE Report Published for Spring Tools
We have released STS 4.16.1 for Eclipse and Spring VSCode extensions 1.40.0 to address the following CVE report: - CVE-2022-31691: Remote Code Execution via YAML editors in STS4 extensions for Eclipse and VSCode Please review the information in the CVE report and upgrade immediately. Eclipse: STS...
CVE-2018-1227: Concourse-dot-ci domain issue | Cloud Foundry
Severity High/Advisory Vendor Concourse CI Affected Products and Versions Please see the notice available at https://pivotal.io/security/cve-2018-1227. References https://pivotal.io/security/cve-2018-1227 Description The original domain for the Concourse CI concourse-dot-ci open source project ha...