CVE-2022-22367

IBM UrbanCode Deploy UCD 6.2.7.15, 7.0.5.10, 7.1.2.6, and 7.2.2.1 could disclose sensitive database information to a local user in plain text. IBM X-Force ID: 221008...

CVE-2022-22366

IBM UrbanCode Deploy UCD 6.2.7.15, 7.0.5.10, 7.1.2.6, and 7.2.2.1 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 22106...

Code injection

IBM UrbanCode Deploy UCD 6.2.7.15, 7.0.5.10, 7.1.2.6, and 7.2.2.1 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 22106...

Information disclosure

IBM UrbanCode Deploy UCD 6.2.7.15, 7.0.5.10, 7.1.2.6, and 7.2.2.1 could disclose sensitive database information to a local user in plain text. IBM X-Force ID: 221008...

CVE-2022-22367

CVE-2022-22367 affects IBM UrbanCode Deploy (UCD) and allows a local user to disclose sensitive database information in plain text. Affected versions are UCD 6.0.0.0–6.2.7.15 and 7.0.0.0–7.0.5.10, 7.1.0.0–7.1.2.6, and 7.2.0.0–7.2.2.1. Root cause: information disclosure in plain text stored/retrie...

CVE-2022-22367

IBM UrbanCode Deploy UCD 6.2.7.15, 7.0.5.10, 7.1.2.6, and 7.2.2.1 could disclose sensitive database information to a local user in plain text. IBM X-Force ID: 221008...

CVE-2022-22366

IBM UrbanCode Deploy UCD 6.2.7.15, 7.0.5.10, 7.1.2.6, and 7.2.2.1 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 22106...

CVE-2022-22366

CVE-2022-22366 affects IBM UrbanCode Deploy (UCD) versions 6.0.0.0–6.2.7.15 and 7.0.0.0–7.2.2.1, where user credentials are stored in plain clear text readable by a local user. The IBM security bulletin describes this as an information-disclosure vulnerability with a CVSS base score around 4.9. R...

CVE-2022-1983

Incorrect authorization in GitLab EE affecting all versions from 10.7 prior to 14.10.5, 15.0 prior to 15.0.4, and 15.1 prior to 15.1.1, allowed an attacker already in possession of a valid Deploy Key or a Deploy Token to misuse it from any location to access Container Registries even when IP...

Authorization

Incorrect authorization in GitLab EE affecting all versions from 10.7 prior to 14.10.5, 15.0 prior to 15.0.4, and 15.1 prior to 15.1.1, allowed an attacker already in possession of a valid Deploy Key or a Deploy Token to misuse it from any location to access Container Registries even when IP...

CVE-2022-1983

Incorrect authorization in GitLab EE affecting all versions from 10.7 prior to 14.10.5, 15.0 prior to 15.0.4, and 15.1 prior to 15.1.1, allowed an attacker already in possession of a valid Deploy Key or a Deploy Token to misuse it from any location to access Container Registries even when IP...

UBUNTU-CVE-2022-1983

Incorrect authorization in GitLab EE affecting all versions from 10.7 prior to 14.10.5, 15.0 prior to 15.0.4, and 15.1 prior to 15.1.1, allowed an attacker already in possession of a valid Deploy Key or a Deploy Token to misuse it from any location to access Container Registries even when IP...

CVE-2022-1983

Incorrect authorization in GitLab EE affecting all versions from 10.7 prior to 14.10.5, 15.0 prior to 15.0.4, and 15.1 prior to 15.1.1, allowed an attacker already in possession of a valid Deploy Key or a Deploy Token to misuse it from any location to access Container Registries even when IP...

CVE-2022-1983

Removed by vendor...

PT-2022-14235 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab EE versions 10.7 through 14.10.5 GitLab EE versions 15.0 through 15.0.4 GitLab EE versions 15.1 through 15.1.1 Description: The issue concerns incorrect authorization in GitLab EE, allowing an attacker with a valid Deploy Key or Deploy...

IBM UrbanCode Deploy 安全漏洞

IBM UrbanCode Deploy UCD is a set of application automation deployment tools from IBM in the United States. The tool is based on an application deployment automation management information model and uses remote agent technology to automate the deployment of complex applications in different...

IBM UrbanCode Deploy 安全漏洞

IBM UrbanCode Deploy UCD is a set of application automation deployment tools from IBM Corporation in the United States. The tool is based on an application deployment automation management information model, and through remote agent technology to automate the deployment of complex applications in...

Security Bulletin: UrbanCode Deploy is vulnerable to denial of service due to Jackson-databind (CVE-2020-36518)

Summary When processing untrusted data in a plugin step to process jackson-databind data, a large depth of nested objects may be used to cause a denial of service within the step. Vulnerability Details CVEID: CVE-2020-36518 DESCRIPTION: FasterXML jackson-databind is vulnerable to a denial of...

CVE-2022-22366

IBM UrbanCode Deploy UCD 6.2.7.15, 7.0.5.10, 7.1.2.6, and 7.2.2.1 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 22106...

CVE-2022-22367

IBM UrbanCode Deploy UCD 6.2.7.15, 7.0.5.10, 7.1.2.6, and 7.2.2.1 could disclose sensitive database information to a local user in plain text. IBM X-Force ID: 221008...