Lucene search
K

2321 matches found

Cvelist
Cvelist
added 2024/04/15 5:31 p.m.30 views

CVE-2024-23559 HCL DevOps Deploy / Launch is generating an obsolete HTTP header

HCL DevOps Deploy / Launch is generating an obsolete HTTP header...

6.1CVSS6.5AI score0.00308EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/04/15 12:0 a.m.3 views

HCL Technologies HCL Launch 安全漏洞

HCL Technologies HCL Launch is a versatile, enterprise-grade continuous delivery automation software from HCL Technologies, Inc. It is used to handle the most complex deployment processes in DevOps. A security vulnerability exists in HCL DevOps Deploy and HCL Launch that stems from not invalidati...

6.3CVSS6.7AI score0.00308EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/04/15 12:0 a.m.3 views

HCL Technologies HCL Launch 安全漏洞

HCL Technologies HCL Launch is a versatile, enterprise-grade continuous delivery automation software from HCL Technologies, Inc. for handling the most complex deployment processes in DevOps. A security vulnerability exists in HCL Technologies HCL DevOps Deploy and HCL Launch that stems from...

4.3CVSS6.8AI score0.0036EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/04/15 12:0 a.m.2 views

HCL Technologies HCL Launch 安全漏洞

HCL Technologies HCL Launch is a versatile, enterprise-grade continuous delivery automation software from HCL Technologies, Inc. It is used to handle the most complex deployment processes in DevOps. A security vulnerability exists in HCL DevOps Deploy and HCL Launch that stems from allowing the...

6.1CVSS6.7AI score0.00308EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/04/15 12:0 a.m.3 views

HCL Technologies HCL Launch 安全漏洞

HCL Technologies HCL Launch is a versatile, enterprise-grade continuous delivery automation software from HCL Technologies, Inc. It is used to handle the most complex deployment processes in DevOps. A security vulnerability exists in HCL DevOps Deploy and HCL Launch that stems from the...

4.9CVSS6.7AI score0.00324EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/04/15 12:0 a.m.3 views

PT-2024-19942 · Hcl · Hcl Devops Deploy +1

Name of the Vulnerable Software and Affected Versions: HCL DevOps Deploy / HCL Launch affected versions not specified Description: The issue is related to a sensitive information disclosure vulnerability due to insufficient obfuscation of sensitive values. Recommendations: At the moment, there is...

4.3CVSS6.6AI score0.0036EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2024/04/15 12:0 a.m.2 views

PT-2024-19941 · Hcl · Hcl Devops Deploy +1

Name of the Vulnerable Software and Affected Versions: HCL DevOps Deploy / HCL Launch affected versions not specified Description: The issue is related to incomplete revocation of permissions when deleting a custom security resource type. There is no information provided about the estimated numbe...

4.9CVSS6.4AI score0.00324EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2024/04/15 12:0 a.m.4 views

PT-2024-19939 · Hcl · Hcl Devops Deploy +1

Name of the Vulnerable Software and Affected Versions: HCL DevOps Deploy / HCL Launch affected versions not specified Description: The issue arises from the failure of HCL DevOps Deploy / HCL Launch to invalidate a user's session after they log out. This could potentially allow an authenticated...

6.3CVSS6.7AI score0.00308EPSS
Exploits0References8
NVD
NVD
added 2024/04/12 5:17 p.m.22 views

CVE-2024-22358

IBM UrbanCode Deploy UCD 7.0 through 7.0.5.20, 7.1 through 7.1.2.16, 7.2 through 7.2.3.9, 7.3 through 7.3.2.4 and IBM DevOps Deploy 8.0 through 8.0.0.1 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 28089...

8.8CVSS6.1AI score0.00411EPSS
Exploits0References2
OSV
OSV
added 2024/04/12 5:17 p.m.3 views

CVE-2024-22358

IBM UrbanCode Deploy UCD 7.0 through 7.0.5.20, 7.1 through 7.1.2.16, 7.2 through 7.2.3.9, 7.3 through 7.3.2.4 and IBM DevOps Deploy 8.0 through 8.0.0.1 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 28089...

8.8CVSS5.8AI score0.00411EPSS
Exploits0References2
NVD
NVD
added 2024/04/12 5:17 p.m.16 views

CVE-2024-22359

IBM UrbanCode Deploy UCD 7.0 through 7.0.5.20, 7.1 through 7.1.2.16, 7.2 through 7.2.3.9, 7.3 through 7.3.2.4 and IBM DevOps Deploy 8.0 through 8.0.0.1 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intend...

6.1CVSS5.8AI score0.0037EPSS
Exploits0References2
OSV
OSV
added 2024/04/12 5:17 p.m.4 views

CVE-2024-22359

IBM UrbanCode Deploy UCD 7.0 through 7.0.5.20, 7.1 through 7.1.2.16, 7.2 through 7.2.3.9, 7.3 through 7.3.2.4 and IBM DevOps Deploy 8.0 through 8.0.0.1 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intend...

6.1CVSS5.5AI score0.0037EPSS
Exploits0References2
NVD
NVD
added 2024/04/12 5:17 p.m.25 views

CVE-2024-22334

IBM UrbanCode Deploy UCD 7.0 through 7.0.5.20, 7.1 through 7.1.2.16, 7.2 through 7.2.3.9, 7.3 through 7.3.2.4 and IBM DevOps Deploy 8.0 through 8.0.0.1 could be vulnerable to incomplete revocation of permissions when deleting a custom security resource type. When deleting a custom security type,...

4.4CVSS4.6AI score0.00436EPSS
Exploits0References2
OSV
OSV
added 2024/04/12 5:17 p.m.4 views

CVE-2024-22334

IBM UrbanCode Deploy UCD 7.0 through 7.0.5.20, 7.1 through 7.1.2.16, 7.2 through 7.2.3.9, 7.3 through 7.3.2.4 and IBM DevOps Deploy 8.0 through 8.0.0.1 could be vulnerable to incomplete revocation of permissions when deleting a custom security resource type. When deleting a custom security type,...

4.4CVSS5.8AI score0.00436EPSS
Exploits0References2
OSV
OSV
added 2024/04/12 5:17 p.m.4 views

CVE-2024-22339

IBM UrbanCode Deploy UCD 7.0 through 7.0.5.20, 7.1 through 7.1.2.16, 7.2 through 7.2.3.9, 7.3 through 7.3.2.4 and IBM DevOps Deploy 8.0 through 8.0.0.1 is vulnerable to a sensitive information due to insufficient obfuscation of sensitive values from some log files. IBM X-Force ID: 279979...

4.3CVSS5.8AI score0.00443EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/04/12 4:53 p.m.15 views

CVE-2024-22358 IBM UrbanCode Deploy session fixation

IBM UrbanCode Deploy UCD 7.0 through 7.0.5.20, 7.1 through 7.1.2.16, 7.2 through 7.2.3.9, 7.3 through 7.3.2.4 and IBM DevOps Deploy 8.0 through 8.0.0.1 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 28089...

6.3CVSS6.4AI score0.00411EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/04/12 4:53 p.m.19 views

CVE-2024-22358 IBM UrbanCode Deploy session fixation

IBM UrbanCode Deploy UCD 7.0 through 7.0.5.20, 7.1 through 7.1.2.16, 7.2 through 7.2.3.9, 7.3 through 7.3.2.4 and IBM DevOps Deploy 8.0 through 8.0.0.1 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 28089...

6.3CVSS6.1AI score0.00411EPSS
Exploits0References2
CVE
CVE
added 2024/04/12 4:53 p.m.64 views

CVE-2024-22358

IBM UrbanCode Deploy (UCD) and IBM DevOps Deploy are affected by CVE-2024-22358: upon logout, sessions are not invalidated, allowing an authenticated user to impersonate another user. Affected versions include UCD 7.0–7.0.5.20, 7.1–7.1.2.16, 7.2–7.2.3.9, 7.3–7.3.2.4 and DevOps Deploy 8.0–8.0.0.1....

8.8CVSS6.2AI score0.00411EPSS
Exploits0References2Affected Software2
CVE
CVE
added 2024/04/12 4:51 p.m.59 views

CVE-2024-22339

CVE-2024-22339 affects IBM UrbanCode Deploy (UCD) and IBM DevOps Deploy, with the root cause being insufficient obfuscation of sensitive values in some log files, leading to potential sensitive information disclosure. Affected products and versions include: UCD 7.0–7.0.5.20, 7.1–7.1.2.16, 7.2–7.2...

4.3CVSS5.9AI score0.00443EPSS
Exploits0References2Affected Software2
Vulnrichment
Vulnrichment
added 2024/04/12 4:51 p.m.16 views

CVE-2024-22339 IBM UrbanCode Deploy information disclosure

IBM UrbanCode Deploy UCD 7.0 through 7.0.5.20, 7.1 through 7.1.2.16, 7.2 through 7.2.3.9, 7.3 through 7.3.2.4 and IBM DevOps Deploy 8.0 through 8.0.0.1 is vulnerable to a sensitive information due to insufficient obfuscation of sensitive values from some log files. IBM X-Force ID: 279979...

4.3CVSS6.2AI score0.00443EPSS
Exploits0References2
Rows per page
Query Builder