
2310 matches found

Prion
added 2024/02/06 5:15 p.m. · 21 views

Code injection

IBM UrbanCode Deploy UCD 7.0 through 7.0.5.19, 7.1 through 7.1.2.15, 7.2 through 7.2.3.8, 7.3 through 7.3.2.3, and IBM UrbanCode Deploy UCD - IBM DevOps Deploy 8.0.0.0 could disclose sensitive user information when installing the Windows agent. IBM X-Force ID: 279971...

1.7 CVSS · 6.2 AI score · 0.00188 EPSS
Exploits: 0 · References: 2 · Affected Software: 2
Cvelist
added 2024/02/06 4:15 p.m. · 27 views

CVE-2024-22331 IBM UrbanCode Deploy information disclosure

IBM UrbanCode Deploy UCD 7.0 through 7.0.5.19, 7.1 through 7.1.2.15, 7.2 through 7.2.3.8, 7.3 through 7.3.2.3, and IBM UrbanCode Deploy UCD - IBM DevOps Deploy 8.0.0.0 could disclose sensitive user information when installing the Windows agent. IBM X-Force ID: 279971...

6.2 CVSS · 6.1 AI score · 0.00188 EPSS
Exploits: 0 · References: 2
Vulnrichment
added 2024/02/06 4:15 p.m. · 32 views

CVE-2024-22331 IBM UrbanCode Deploy information disclosure

IBM UrbanCode Deploy UCD 7.0 through 7.0.5.19, 7.1 through 7.1.2.15, 7.2 through 7.2.3.8, 7.3 through 7.3.2.3, and IBM UrbanCode Deploy UCD - IBM DevOps Deploy 8.0.0.0 could disclose sensitive user information when installing the Windows agent. IBM X-Force ID: 279971...

6.2 CVSS · 6 AI score · 0.00188 EPSS
Exploits: 0 · References: 2
CVE
added 2024/02/06 4:15 p.m. · 64 views

CVE-2024-22331

CVE-2024-22331 affects IBM UrbanCode Deploy (UCD) and IBM DevOps Deploy. The issue could disclose sensitive user information when installing the Windows agent as a service, impacting UCD versions: 7.0–7.0.5.19, 7.1–7.1.2.15, 7.2–7.2.3.8, 7.3–7.3.2.3, and DevOps Deploy 8.0.0.0. Root cause is infor...

6.2 CVSS · 5.2 AI score · 0.00188 EPSS
Exploits: 0 · References: 2 · Affected Software: 1
CNNVD
added 2024/02/06 12:0 a.m. · 2 views

IBM UrbanCode Deploy Information Disclosure Vulnerability

IBM UrbanCode Deploy UCD is a set of application automation deployment tools from International Business Machines IBM. The tool is based on an application deployment automation management information model, and through remote agent technology, to realize the complex application in different...

6.2 CVSS · 6 AI score · 0.00188 EPSS
Exploits: 0 · References: 3
Positive Technologies
added 2024/02/06 12:0 a.m. · 2 views

PT-2024-19344 · Ibm +1 · Ibm Urbancode Deploy +1

Name of the Vulnerable Software and Affected Versions: IBM UrbanCode Deploy versions 7.0 through 7.0.5.19; IBM UrbanCode Deploy versions 7.1 through 7.1.2.15; IBM UrbanCode Deploy versions 7.2 through 7.2.3.8; IBM UrbanCode Deploy versions 7.3 through 7.3.2.3; IBM UrbanCode Deploy UCD - IBM DevOps...

6.2 CVSS · 5.3 AI score · 0.00188 EPSS
Exploits: 0 · References: 5
IBM Security Bulletins
added 2024/02/05 1:26 p.m. · 30 views

Security Bulletin: IBM DevOps Deploy / IBM UrbanCode Deploy (UCD) may be vulnerable to sensitive information disclosure (CVE-2024-22331)

Summary: IBM DevOps Deploy / IBM UrbanCode Deploy UCD could disclose sensitive user information when installing the Windows agent as a service. Vulnerability Details: CVEID: CVE-2024-22331. DESCRIPTION: IBM UrbanCode Deploy UCD could disclose sensitive user information when installing the Windows...

6.2 CVSS · 5.4 AI score · 0.00188 EPSS
Exploits: 0 · Affected Software: 1
IBM Security Bulletins
added 2024/02/05 1:26 p.m. · 47 views

Security Bulletin: IBM DevOps Deploy / IBM UrbanCode Deploy (UCD) may be vulnerable to HTTP request smuggling (CVE-2023-46589)

Summary: Due to the use of Apache Tomcat, IBM DevOps Deploy / IBM UrbanCode Deploy UCD is vulnerable to HTTP request smuggling, caused by improper parsing of the HTTP trailer headers. By sending a specially crafted HTTPS trailer header, an attacker could exploit this vulnerability to poison the we...

7.5 CVSS · 7.5 AI score · 0.02651 EPSS
Exploits: 0 · Affected Software: 1
OSV
added 2024/02/03 6:15 a.m. · 4 views

CVE-2024-23550

HCL DevOps Deploy / HCL Launch UCD could disclose sensitive user information when installing the Windows agent...

5.5 CVSS · 5.7 AI score · 0.00214 EPSS
Exploits: 0 · References: 1
NVD
added 2024/02/03 6:15 a.m. · 13 views

CVE-2024-23550

HCL DevOps Deploy / HCL Launch UCD could disclose sensitive user information when installing the Windows agent...

6.2 CVSS · 6.2 AI score · 0.00214 EPSS
Exploits: 0 · References: 1
Vulnrichment
added 2024/02/03 5:32 a.m. · 8 views

CVE-2024-23550 HCL DevOps Deploy / HCL Launch (UCD) may be vulnerable to sensitive information disclosure

HCL DevOps Deploy / HCL Launch UCD could disclose sensitive user information when installing the Windows agent...

6.2 CVSS · 6.5 AI score · 0.00214 EPSS
Exploits: 0 · References: 1
CVE
added 2024/02/03 5:32 a.m. · 57 views

CVE-2024-23550

CVE-2024-23550 affects HCL DevOps Deploy / HCL Launch (UCD). The Windows agent installer could disclose sensitive user information, with confidentiality impact described as High in the CVSS data. The provided documents do not specify the underlying root cause details or a fixed version. Public so...

6.2 CVSS · 5.3 AI score · 0.00214 EPSS
Exploits: 0 · References: 1 · Affected Software: 2
Cvelist
added 2024/02/03 5:32 a.m. · 18 views

CVE-2024-23550 HCL DevOps Deploy / HCL Launch (UCD) may be vulnerable to sensitive information disclosure

HCL DevOps Deploy / HCL Launch UCD could disclose sensitive user information when installing the Windows agent...

6.2 CVSS · 6.4 AI score · 0.00214 EPSS
Exploits: 0 · References: 1
CNNVD
added 2024/02/03 12:0 a.m. · 3 views

HCL Technologies HCL Launch Security Breach

HCL Technologies HCL Launch is a versatile, enterprise-grade continuous delivery automation software from HCL Technologies, Inc. for handling the most complex deployment processes in DevOps. A security vulnerability exists in HCL DevOps Deploy and HCL Launch UCD that stems from the ability to...

6.2 CVSS · 6.5 AI score · 0.00214 EPSS
Exploits: 0 · References: 2
CNNVD
added 2024/01/25 12:0 a.m. · 4 views

Octopus Cross-Site Scripting Vulnerability

Octopus Deploy is an automation tool for .NET, Java and other application development and deployment from Octopus Deploy Australia. A cross-site scripting vulnerability exists in Octopus version 1.0, which stems from the fact that passing the parameter description can lead to cross-site scripting...

5.4 CVSS · 6 AI score · 0.00562 EPSS
Exploits: 1 · References: 4
CNNVD
added 2024/01/25 12:0 a.m. · 3 views

Octopus SQL Injection Vulnerability

Octopus Deploy is an automation tool for .NET, Java and other application development and deployment from Octopus Deploy Australia. An SQL injection vulnerability exists in Octopus version 1.0, which stems from the parameter ancestors in the file /system/dept/edit that can lead to SQL injection...

9.8 CVSS · 8 AI score · 0.00657 EPSS
Exploits: 1 · References: 4
CNNVD
added 2024/01/22 12:0 a.m. · 4 views

Octopus Deploy SQL Injection Vulnerability

Octopus Deploy is an automation tool for .NET, Java and other application development and deployment from Octopus Deploy Australia. A SQL injection vulnerability exists in Octopus Deploy version 1.0, which stems from /system/role/list containing unknown functions that cause SQL injection via the...

9.8 CVSS · 8.1 AI score · 0.0068 EPSS
Exploits: 1 · References: 4
Tenable Nessus
added 2024/01/03 12:0 a.m. · 27 views

GitLab 10.7 < 14.3.6 / 14.4 < 14.4.4 / 14.5 < 14.5.2 (CVE-2021-39936)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - Improper access control in GitLab CE/EE affecting all versions starting from 10.7 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2, allows an...

4.3 CVSS · 5.2 AI score · 0.01025 EPSS
Exploits: 0 · References: 4
Tenable Nessus
added 2024/01/03 12:0 a.m. · 27 views

GitLab 12.10 < 15.1.6 / 15.2 < 15.2.4 / 15.3 < 15.3.2 (CVE-2022-2533)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab affecting all versions starting from 12.10 before 15.1.6, all versions starting from 15.2 before 15.2.4, all versions starting from 15.3 before 15.3.2. GitLab wa...

7.4 CVSS · 7.2 AI score · 0.00652 EPSS
Exploits: 0 · References: 3
Tenable Nessus
added 2024/01/02 12:0 a.m. · 25 views

GitLab 12.0.0 < 14.9.5 / 14.10.0 < 14.10.4 / 15.0.0 < 15.0.1 (CVE-2022-1936)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - Incorrect authorization in GitLab EE affecting all versions from 12.0 before 14.9.5, all versions starting from 14.10 before 14.10.4, all versions starting from 15.0 before 15.0.1 allowed an attacker...

6.5 CVSS · 6.5 AI score · 0.00646 EPSS
Exploits: 0 · References: 3