CVE-2024-22377

The deploy directory in PingFederate runtime nodes is reachable to unauthorized users...

CVE-2024-22377 PingFederate Runtime Node Path Traversal

The deploy directory in PingFederate runtime nodes is reachable to unauthorized users...

PT-2024-19373 · Unknown · Pingfederate

Name of the Vulnerable Software and Affected Versions: PingFederate affected versions not specified Description: The issue concerns the deploy directory in PingFederate runtime nodes being accessible to unauthorized users. Recommendations: At the moment, there is no information about a newer...

Malicious code in branch-deploy-action (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 6f8ee439aa1b1732d638e3b68c12f320056784b39327753fbd3ff9f476d39ace The OpenSSF Package Analysis project identified 'branch-deploy-action' @ 2.1.1 npm as malicious. It is considered malicious because: - The packa...

MAL-2024-7421 Malicious code in branch-deploy-action (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 6f8ee439aa1b1732d638e3b68c12f320056784b39327753fbd3ff9f476d39ace The OpenSSF Package Analysis project identified 'branch-deploy-action' @ 2.1.1 npm as malicious. It is considered malicious because: - The packa...

@adobe/helix-deploy (>=11.0.11 <=11.1.13) potentially affected by CVE-2024-38375 via @fastly/js-compute (>=3.11.0 <=3.15.0)

@fastly/js-compute NPM version =3.11.0, =11.0.11, =11.1.13 Source cves: CVE-2024-38375 Source advisory: OSV:GHSA-MP3G-VPM9-9VQV...

Malicious code in aws_s3-deploy (RubyGems)

--- -= Per source details. Do not edit below this line.=-...

Malicious code in aws-blue_green_deploy (RubyGems)

--- -= Per source details. Do not edit below this line.=-...

Malicious code in auto_deploy-test (RubyGems)

--- -= Per source details. Do not edit below this line.=-...

Malicious code in api-deploy (RubyGems)

--- -= Per source details. Do not edit below this line.=-...

MAL-2024-6621 Malicious code in api-deploy (RubyGems)

--- -= Per source details. Do not edit below this line.=-...

Malicious code in amoeba-deploy_tools (RubyGems)

--- -= Per source details. Do not edit below this line.=-...

Malicious code in aem_deploy (RubyGems)

--- -= Per source details. Do not edit below this line.=-...

MAL-2024-6526 Malicious code in aem_deploy (RubyGems)

--- -= Per source details. Do not edit below this line.=-...

Malicious code in pino-deploy (npm)

--- -= Per source details. Do not edit below this line.=-...

MAL-2024-2871 Malicious code in pino-deploy (npm)

--- -= Per source details. Do not edit below this line.=-...

OPENSUSE-SU-2024:10213-1 ceph-deploy-1.5.34+git.1470736983.963ba71-1.1 on GA media

These are all security issues fixed in the ceph-deploy-1.5.34+git.1470736983.963ba71-1.1 package on the GA media of openSUSE Tumbleweed...

CVE-2024-4254

The 'deploy-website.yml' workflow in the gradio-app/gradio repository, specifically in the 'main' branch, is vulnerable to secrets exfiltration due to improper authorization. The vulnerability arises from the workflow's explicit checkout and execution of code from a fork, which is unsafe as it...

IBM UrbanCode Deploy Cross-Site Scripting Vulnerability (CNVD-2024-26496)

IBM UrbanCode Deploy UCD is a set of application automation deployment tools from International Business Machines IBM. The tool is based on an application deployment automation management information model, and through remote agent technology, to realize the complex application in different...

Security Bulletin: IBM DevOps Deploy / IBM UrbanCode Deploy (UCD) is affected by a Denial of Service Vulnerability in Netty (CVE-2024-29025)

Summary Netty is vulnerable to a denial of service, caused by a flaw when using the HttpPostRequestDecoder to decode a form. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition. Vulnerability Details CVEID:CVE-2024-2902...