CVE-2025-14148

IBM UCD - IBM DevOps Deploy 8.1 through 8.1.2.3 could allow an authenticated user with LLM integration configuration privileges to recover a previously saved LLM API Token...

megatron-bridge (>=0.1.0rc0 <=0.3.1), nemo-eval (>=0.1.0rc1 <=0.2.0rc0) +1 more potentially affected by CVE-2025-33225 via nvidia-resiliency-ext (>=0.3.0 <=0.4.1)

nvidia-resiliency-ext PYPI version =0.3.0, =0.1.0rc0, =0.1.0rc1, =0.1.0, =0.4.0 Source cves: CVE-2025-33225 Source advisory: SNYK:PYTHON-NVIDIARESILIENCYEXT-14459109...

nemo-eval (>=0.1.0rc1 <=0.1.0rc2), nemo-export-deploy (>=0.1.0 <=0.2.0rc1) potentially affected by CVE-2025-33235 via nvidia-resiliency-ext (=0.3.0)

nvidia-resiliency-ext PYPI version =0.3.0 is affected by a known vulnerability. The following packages have a transitive dependency on nvidia-resiliency-ext and may be impacted: - nemo-eval =0.1.0rc1, =0.1.0, =0.2.0rc1 Source cves: CVE-2025-33235 Source advisory:...

CVE-2025-62329

HCL DevOps Deploy / HCL Launch is susceptible to a race condition in http-session client-IP binding enforcement which may allow a session to be briefly reused from a new IP address before it is invalidated. This could lead to unauthorized access under certain network conditions...

CVE-2025-62329

HCL DevOps Deploy / HCL Launch is susceptible to a race condition in http-session client-IP binding enforcement which may allow a session to be briefly reused from a new IP address before it is invalidated. This could lead to unauthorized access under certain network conditions...

CVE-2025-62329

HCL DevOps Deploy / HCL Launch are affected by a race condition in the HTTP session client-IP binding enforcement, which may allow a session to be briefly reused from a new IP address before invalidation. This could lead to unauthorized access under certain network conditions. Affected products a...

CVE-2025-62329 HCL DevOps Deploy / HCL Launch is susceptible to an insufficient session expiration vulnerability

HCL DevOps Deploy / HCL Launch is susceptible to a race condition in http-session client-IP binding enforcement which may allow a session to be briefly reused from a new IP address before it is invalidated. This could lead to unauthorized access under certain network conditions...

CVE-2025-62329 HCL DevOps Deploy / HCL Launch is susceptible to an insufficient session expiration vulnerability

HCL DevOps Deploy / HCL Launch is susceptible to a race condition in http-session client-IP binding enforcement which may allow a session to be briefly reused from a new IP address before it is invalidated. This could lead to unauthorized access under certain network conditions...

CVE-2025-62330

HCL DevOps Deploy is susceptible to a cleartext transmission of sensitive information because the HTTP port remains accessible and does not redirect to HTTPS as intended. As a result, an attacker with network access could intercept or modify user credentials and session-related data via passive...

CVE-2025-62330

CVE-2025-62330 affects HCL DevOps Deploy. The vulnerability arises from cleartext transmission due to the HTTP port remaining accessible and not redirecting to HTTPS, enabling an attacker with network access to intercept or modify user credentials and session data via passive monitoring or MITM-s...

CVE-2025-62330 HCL DevOps Deploy is susceptible to a cleartext transmission of sensitive information

HCL DevOps Deploy is susceptible to a cleartext transmission of sensitive information because the HTTP port remains accessible and does not redirect to HTTPS as intended. As a result, an attacker with network access could intercept or modify user credentials and session-related data via passive...

CVE-2025-62330 HCL DevOps Deploy is susceptible to a cleartext transmission of sensitive information

HCL DevOps Deploy is susceptible to a cleartext transmission of sensitive information because the HTTP port remains accessible and does not redirect to HTTPS as intended. As a result, an attacker with network access could intercept or modify user credentials and session-related data via passive...

HCL DevOps Deploy 安全漏洞

HCL DevOps Deploy is an application from HCL India. It can be mapped to your organizational structure using flexible team-based and role-based security models. HCL DevOps Deploy has a security vulnerability that stems from the explicit transmission of sensitive information, which could lead to th...

HCL Launch和HCL DevOps Deploy 安全漏洞

HCL Launch and HCL DevOps Deploy are both products of HCL India.HCL Launch is a multi-functional, enterprise-grade continuous delivery automation software. Used to handle the most complex deployment processes in DevOps.HCL DevOps Deploy is an application. Can be mapped to your organizational...

CVE-2025-36360

IBM UCD - IBM UrbanCode Deploy 7.1 through 7.1.2.27, 7.2 through 7.2.3.20, and 7.3 through 7.3.2.15 and IBM UCD - IBM DevOps Deploy 8.0 through 8.0.1.10, and 8.1 through 8.1.2.3 is susceptible to a race condition in http-session client-IP binding enforcement which may allow a session to be briefl...

CVE-2025-36360

IBM UCD - IBM UrbanCode Deploy 7.1 through 7.1.2.27, 7.2 through 7.2.3.20, and 7.3 through 7.3.2.15 and IBM UCD - IBM DevOps Deploy 8.0 through 8.0.1.10, and 8.1 through 8.1.2.3 is susceptible to a race condition in http-session client-IP binding enforcement which may allow a session to be briefl...

CVE-2025-14148

IBM UCD - IBM DevOps Deploy 8.1 through 8.1.2.3 could allow an authenticated user with LLM integration configuration privileges to recover a previously saved LLM API Token...

CVE-2025-14148

IBM UCD - IBM DevOps Deploy 8.1 through 8.1.2.3 could allow an authenticated user with LLM integration configuration privileges to recover a previously saved LLM API Token...

CVE-2025-13489

IBM UCD - IBM DevOps Deploy 8.1 through 8.1.2.3 IBM DevOps Deploy transmits data in clear text that could allow an attacker to obtain sensitive information using man in the middle techniques...

CVE-2025-13489

IBM UCD - IBM DevOps Deploy 8.1 through 8.1.2.3 IBM DevOps Deploy transmits data in clear text that could allow an attacker to obtain sensitive information using man in the middle techniques...