CVE-2022-35716

IBM UrbanCode Deploy UCD 6.2.0.0 through 6.2.7.16, 7.0.0.0 through 7.0.5.11, 7.1.0.0 through 7.1.2.7, and 7.2.0.0 through 7.2.3.0 could allow an authenticated user to obtain sensitive information in some instances due to improper security checking. IBM X-Force ID: 231360...

CVE-2022-36891

A missing permission check in Jenkins Deployer Framework Plugin 85.v1d1888e8c021 and earlier allows attackers with Item/Read permission but without Deploy Now/Deploy permission to read deployment logs...

CVE-2022-36891

A missing permission check in Jenkins Deployer Framework Plugin 85.v1d1888e8c021 and earlier allows attackers with Item/Read permission but without Deploy Now/Deploy permission to read deployment logs...

Information disclosure

A missing permission check in Jenkins Deployer Framework Plugin 85.v1d1888e8c021 and earlier allows attackers with Item/Read permission but without Deploy Now/Deploy permission to read deployment logs...

CVE-2022-36891

A missing permission check in Jenkins Deployer Framework Plugin 85.v1d1888e8c021 and earlier allows attackers with Item/Read permission but without Deploy Now/Deploy permission to read deployment logs...

PT-2022-4031 · Jenkins · Jenkins Deployer Framework Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Deployer Framework Plugin versions 85.v1d1888e8c021 and earlier Description: A missing permission check in the Jenkins Deployer Framework Plugin allows attackers with Item/Read permission but without Deploy Now/Deploy permission to re...

CVE-2022-30532

In affected versions of Octopus Deploy, there is no logging of changes to artifacts within Octopus Deploy...

CVE-2022-30532

In affected versions of Octopus Deploy, there is no logging of changes to artifacts within Octopus Deploy...

CVE-2022-30532

In affected versions of Octopus Deploy, there is no logging of changes to artifacts within Octopus Deploy...

Design/Logic Flaw

In affected versions of Octopus Deploy, there is no logging of changes to artifacts within Octopus Deploy...

CVE-2022-30532

In affected versions of Octopus Deploy, there is no logging of changes to artifacts within Octopus Deploy...

CVE-2022-30532

CVE-2022-30532 affects Octopus Deploy with a root cause described as lack of logging for changes to artifacts. Connected sources (e.g., CNNVD-202207-1611) enumerate broad affected version ranges across multiple Octopus Deploy releases, indicating a systemic logging gap rather than a targeted comp...

PT-2022-20161 · Unknown · Octopus Deploy

Name of the Vulnerable Software and Affected Versions: Octopus Deploy affected versions not specified Description: The issue concerns the lack of logging for changes made to artifacts within the system. There is no information provided about the estimated number of potentially affected devices...

Octopus Deploy 安全漏洞

Octopus Deploy is an automation tool for .NET, Java and other application development and deployment from Octopus Deploy Australia. A security vulnerability exists in Octopus Deploy that stems from the lack of logging of artifact changes in Octopus Deploy. The following versions are affected: all...

Security Bulletin: IBM UrbanCode Deploy (UCD) could disclose sensitive database information to a local user in plain text. (CVE-2022-22367)

Summary Certain data for recurring activites may be internally stored in a plain text format. Vulnerability Details CVEID: CVE-2022-22367 DESCRIPTION: IBM UrbanCode Deploy UCD could disclose sensitive database information to a local user in plain text. CVSS Base score: 4 CVSS Temporal Score: See:...

Security Bulletin: IBM Urbancode Deploy (UCD) vulnerable to information disclosure which can be read by a local user. (CVE-2022-22366)

Summary Diagnostic records may contain values used to perform remote creation of ssh agents. Vulnerability Details CVEID: CVE-2022-22366 DESCRIPTION: IBM UrbanCode Deploy UCD stores user credentials in plain clear text which can be read by a local user. CVSS Base score: 4.9 CVSS Temporal Score:...

GitLab 10.7 < 14.10.5 / 15.0 < 15.0.4 / 15.1 < 15.1.1 (CVE-2022-1983)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - Incorrect authorization in GitLab EE affecting all versions from 10.7 prior to 14.10.5, 15.0 prior to 15.0.4, and 15.1 prior to 15.1.1, allowed an attacker already in possession of a valid Deploy Key ...

IBM UrbanCode Deploy Information Disclosure Vulnerability (CNVD-2022-51651)

IBM UrbanCode Deploy UCD is a set of application automation deployment tools from IBM Corporation in the United States. The tool is based on an application deployment automation management information model, and through remote agent technology to automate the deployment of complex applications in...

CVE-2022-22367

IBM UrbanCode Deploy UCD 6.2.7.15, 7.0.5.10, 7.1.2.6, and 7.2.2.1 could disclose sensitive database information to a local user in plain text. IBM X-Force ID: 221008...

CVE-2022-22367

IBM UrbanCode Deploy UCD 6.2.7.15, 7.0.5.10, 7.1.2.6, and 7.2.2.1 could disclose sensitive database information to a local user in plain text. IBM X-Force ID: 221008...