2321 matches found
CVE-2023-3509
CVE-2023-3509 affects GitLab across versions: before 16.7.6, 16.8 before 16.8.3, and 16.9 before 16.9.1. The issue allows group members with sub-maintainer rights to rename privately accessible deploy keys associated with projects within the group. Mitigations are published by GitLab in fixed rel...
CVE-2023-3509
Removed by vendor...
CVE-2023-3509 Incorrect Authorization in GitLab
An issue has been discovered in GitLab affecting all versions before 16.7.6, all versions starting from 16.8 before 16.8.3, all versions starting from 16.9 before 16.9.1. It was possible for group members with sub-maintainer role to change the title of privately accessible deploy keys associated...
GitLab 0 < 16.7.6 / 16.8 < 16.8.3 / 16.9 < 16.9.1 (CVE-2023-3509)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab affecting all versions before 16.7.6, all versions starting from 16.8 before 16.8.3, all versions starting from 16.9 before 16.9.1. It was possible for group...
IBM UrbanCode Deploy Information Disclosure Vulnerability (CNVD-2024-09172)
IBM UrbanCode Deploy UCD is a set of application automation deployment tools from International Business Machines IBM. The tool is based on an application deployment automation management information model, and through remote agent technology, to realize the complex application in different...
CVE-2023-41703
User ID references at mentions in document comments were not correctly sanitized. Script code could be injected to a users session when working with a malicious document. Please deploy the provided updates and patch releases. User-defined content like comments and mentions are now filtered to avo...
CVE-2023-41703
User ID references at mentions in document comments were not correctly sanitized. Script code could be injected to a users session when working with a malicious document. Please deploy the provided updates and patch releases. User-defined content like comments and mentions are now filtered to avo...
Cross site request forgery (csrf)
Processing of user-defined mail search expressions is not limited. Availability of OX App Suite could be reduced due to high processing load. Please deploy the provided updates and patch releases. Processing time of mail search expressions now gets monitored, and the related request is terminated...
CVE-2023-41703
User ID references at mentions in document comments were not correctly sanitized. Script code could be injected to a users session when working with a malicious document. Please deploy the provided updates and patch releases. User-defined content like comments and mentions are now filtered to avo...
CVE-2024-22331
IBM UrbanCode Deploy UCD 7.0 through 7.0.5.19, 7.1 through 7.1.2.15, 7.2 through 7.2.3.8, 7.3 through 7.3.2.3, and IBM UrbanCode Deploy UCD - IBM DevOps Deploy 8.0.0.0 could disclose sensitive user information when installing the Windows agent. IBM X-Force ID: 279971...
CVE-2024-22331
IBM UrbanCode Deploy UCD 7.0 through 7.0.5.19, 7.1 through 7.1.2.15, 7.2 through 7.2.3.8, 7.3 through 7.3.2.3, and IBM UrbanCode Deploy UCD - IBM DevOps Deploy 8.0.0.0 could disclose sensitive user information when installing the Windows agent. IBM X-Force ID: 279971...
Code injection
IBM UrbanCode Deploy UCD 7.0 through 7.0.5.19, 7.1 through 7.1.2.15, 7.2 through 7.2.3.8, 7.3 through 7.3.2.3, and IBM UrbanCode Deploy UCD - IBM DevOps Deploy 8.0.0.0 could disclose sensitive user information when installing the Windows agent. IBM X-Force ID: 279971...
CVE-2024-22331 IBM UrbanCode Deploy information disclosure
IBM UrbanCode Deploy UCD 7.0 through 7.0.5.19, 7.1 through 7.1.2.15, 7.2 through 7.2.3.8, 7.3 through 7.3.2.3, and IBM UrbanCode Deploy UCD - IBM DevOps Deploy 8.0.0.0 could disclose sensitive user information when installing the Windows agent. IBM X-Force ID: 279971...
CVE-2024-22331 IBM UrbanCode Deploy information disclosure
IBM UrbanCode Deploy UCD 7.0 through 7.0.5.19, 7.1 through 7.1.2.15, 7.2 through 7.2.3.8, 7.3 through 7.3.2.3, and IBM UrbanCode Deploy UCD - IBM DevOps Deploy 8.0.0.0 could disclose sensitive user information when installing the Windows agent. IBM X-Force ID: 279971...
CVE-2024-22331
CVE-2024-22331 affects IBM UrbanCode Deploy (UCD) and IBM DevOps Deploy. The issue could disclose sensitive user information when installing the Windows agent as a service, impacting UCD versions: 7.0–7.0.5.19, 7.1–7.1.2.15, 7.2–7.2.3.8, 7.3–7.3.2.3, and DevOps Deploy 8.0.0.0. Root cause is infor...
PT-2024-19344 · Ibm +1 · Ibm Urbancode Deploy +1
Name of the Vulnerable Software and Affected Versions: IBM UrbanCode Deploy versions 7.0 through 7.0.5.19 IBM UrbanCode Deploy versions 7.1 through 7.1.2.15 IBM UrbanCode Deploy versions 7.2 through 7.2.3.8 IBM UrbanCode Deploy versions 7.3 through 7.3.2.3 IBM UrbanCode Deploy UCD - IBM DevOps...
IBM UrbanCode Deploy 信息泄露漏洞
IBM UrbanCode Deploy UCD is a set of application automation deployment tools from International Business Machines IBM. The tool is based on an application deployment automation management information model, and through remote agent technology, to realize the complex application in different...
Security Bulletin: IBM DevOps Deploy / IBM UrbanCode Deploy (UCD) may be vulnerable to sensitive information disclosure (CVE-2024-22331)
Summary IBM DevOps Deploy / IBM UrbanCode Deploy UCD could disclose sensitive user information when installing the Windows agent as a service. Vulnerability Details CVEID:CVE-2024-22331 DESCRIPTION: IBM UrbanCode Deploy UCD could disclose sensitive user information when installing the Windows...
Security Bulletin: IBM DevOps Deploy / IBM UrbanCode Deploy (UCD) may be vulnerable to HTTP request smuggling (CVE-2023-46589)
Summary Due to the use of Apache Tomcat, IBM DevOps Deploy / IBM UrbanCode Deploy UCD is vulnerable to HTTP request smuggling, caused by improper parsing of the HTTP trailer headers. By sending a specially crafted HTTPS trailer header, an attacker could exploit this vulnerability to poison the we...
CVE-2024-23550
HCL DevOps Deploy / HCL Launch UCD could disclose sensitive user information when installing the Windows agent...