Lucene search
K

192 matches found

CVE
CVE
added 2025/01/06 4:38 p.m.60 views

CVE-2024-51472

CVE-2024-51472 affects IBM UrbanCode Deploy (UCD) versions 7.2 (up to 7.2.3.13), 7.3 (up to 7.3.2.8), and IBM DevOps Deploy 8.0–8.0.1.3. The issue is HTML injection in the Web UI that may disclose sensitive information. Remediation is to upgrade to one of: 7.2.3.14, 7.3.2.9, 8.0.1.4, or 8.1.0.0 o...

3.1CVSS3.8AI score0.00244EPSS
Exploits0References1Affected Software2
CNNVD
CNNVD
added 2025/01/06 12:0 a.m.4 views

IBM UrbanCode Deploy 安全漏洞

IBM UrbanCode Deploy IBM UCD is a suite of application automation deployment tools from International Business Machines IBM. The tool is based on an application deployment automation management information model and uses remote agent technology to automate the deployment of complex applications i...

3.1CVSS6.2AI score0.00244EPSS
Exploits0References1
OSV
OSV
added 2024/12/05 5:15 a.m.3 views

CVE-2024-42195

HCL DevOps Deploy / HCL Launch is vulnerable to HTML injection. This vulnerability may allow a user to embed arbitrary HTML tags in the Web UI potentially leading to sensitive information disclosure...

6.8CVSS5.9AI score0.00286EPSS
Exploits0References1
NVD
NVD
added 2024/12/05 5:15 a.m.16 views

CVE-2024-42195

HCL DevOps Deploy / HCL Launch is vulnerable to HTML injection. This vulnerability may allow a user to embed arbitrary HTML tags in the Web UI potentially leading to sensitive information disclosure...

6.8CVSS0.00286EPSS
Exploits0References1
CVE
CVE
added 2024/12/05 4:47 a.m.63 views

CVE-2024-42195

CVE-2024-42195 concerns HCL DevOps Deploy / HCL Launch, where HTML injection in the Web UI could allow embedding arbitrary HTML tags and potentially disclose sensitive information. The connected documents corroborate the vulnerability type (HTML injection) and affected software name, and note tha...

6.8CVSS3.9AI score0.00286EPSS
Exploits0References1Affected Software2
Vulnrichment
Vulnrichment
added 2024/12/05 4:47 a.m.8 views

CVE-2024-42195 HCL DevOps Deploy / HCL Launch is vulnerable to HTML injection

HCL DevOps Deploy / HCL Launch is vulnerable to HTML injection. This vulnerability may allow a user to embed arbitrary HTML tags in the Web UI potentially leading to sensitive information disclosure...

3.1CVSS6.8AI score0.00286EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/12/05 4:47 a.m.17 views

CVE-2024-42195 HCL DevOps Deploy / HCL Launch is vulnerable to HTML injection

HCL DevOps Deploy / HCL Launch is vulnerable to HTML injection. This vulnerability may allow a user to embed arbitrary HTML tags in the Web UI potentially leading to sensitive information disclosure...

3.1CVSS0.00286EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/12/05 12:0 a.m.3 views

PT-2024-29790 · Hcl · Hcl Devops Deploy +1

Name of the Vulnerable Software and Affected Versions: HCL DevOps Deploy / HCL Launch affected versions not specified Description: The issue allows a user to embed arbitrary HTML tags in the Web UI, potentially leading to sensitive information disclosure. This is due to an HTML injection...

6.8CVSS6.1AI score0.00286EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/12/05 12:0 a.m.3 views

HCL Launch和HCL DevOps Deploy 安全漏洞

HCL Launch and HCL DevOps Deploy are both products of HCL Corporation, U.S.A. HCL Launch is a multi-functional, enterprise-grade continuous delivery automation software. Used to handle the most complex deployment processes in DevOps.HCL DevOps Deploy is an application. Can be mapped to your...

6.8CVSS6.8AI score0.00286EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2024/05/20 2:44 p.m.34 views

Security Bulletin: IBM DevOps Deploy / IBM UrbanCode Deploy (UCD) is affected by a Denial of Service Vulnerability in Netty (CVE-2024-29025)

Summary Netty is vulnerable to a denial of service, caused by a flaw when using the HttpPostRequestDecoder to decode a form. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition. Vulnerability Details CVEID:CVE-2024-2902...

5.3CVSS5.6AI score0.0138EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/05/20 2:44 p.m.31 views

Security Bulletin:  IBM DevOps Deploy / IBM UrbanCode Deploy (UCD) is affected by a Denial of Service Vulnerability in Nimbus-JOSE-JWT (CVE-2023-52428)

Summary Connect2id Nimbus-JOSE-JWT is used by IBM DevOps Deploy / IBM UrbanCode Deploy UCD as part of the openid authentication options. Connect2id Nimbus-JOSE-JWT is vulnerable to a denial of service, caused by improper validation of user requests by the PasswordBasedDecrypter PBKDF2 component. ...

7.5CVSS9.3AI score0.00814EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/05/09 8:5 p.m.23 views

Security Bulletin: IBM DevOps Deploy / IBM UrbanCode Deploy (UCD) is susceptible to a Cross-Site Scripting vulnerability (CVE-2024-28781)

Summary IBM UrbanCode Deploy UCD is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. Vulnerability Details...

5.4CVSS5.3AI score0.00276EPSS
Exploits0Affected Software1
NVD
NVD
added 2024/04/15 9:15 p.m.18 views

CVE-2024-23558

HCL DevOps Deploy / HCL Launch does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system...

6.3CVSS6.2AI score0.00308EPSS
Exploits0References1
OSV
OSV
added 2024/04/15 9:15 p.m.4 views

CVE-2024-23558

HCL DevOps Deploy / HCL Launch does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system...

6.3CVSS5.8AI score0.00308EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/04/15 9:0 p.m.10 views

CVE-2024-23558 HCL DevOps Deploy / HCL Launch does not invalidate all session authentication cookies after logout

HCL DevOps Deploy / HCL Launch does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system...

6.3CVSS6.7AI score0.00308EPSS
Exploits0References1
CVE
CVE
added 2024/04/15 9:0 p.m.62 views

CVE-2024-23558

The CVE-2024-23558 entry concerns HCL DevOps Deploy / HCL Launch where logout does not invalidate the user session, enabling an authenticated user to impersonate another user on the system. Connected documents confirm the issue origin as a session invalidation failure after logout, with CVSS deta...

6.3CVSS6.6AI score0.00308EPSS
Exploits0References1Affected Software2
Vulnrichment
Vulnrichment
added 2024/04/15 8:20 p.m.9 views

CVE-2024-23561 HCL DevOps Deploy / HCL Launch is vulnerable to sensitive information disclosure vulnerability

HCL DevOps Deploy / HCL Launch is vulnerable to sensitive information disclosure vulnerability due to insufficient obfuscation of sensitive values...

4.3CVSS6.4AI score0.0036EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/04/15 8:20 p.m.14 views

CVE-2024-23561 HCL DevOps Deploy / HCL Launch is vulnerable to sensitive information disclosure vulnerability

HCL DevOps Deploy / HCL Launch is vulnerable to sensitive information disclosure vulnerability due to insufficient obfuscation of sensitive values...

4.3CVSS4.7AI score0.0036EPSS
Exploits0References1
NVD
NVD
added 2024/04/15 8:15 p.m.12 views

CVE-2024-23560

HCL DevOps Deploy / HCL Launch could be vulnerable to incomplete revocation of permissions when deleting a custom security resource type...

4.9CVSS4.8AI score0.00324EPSS
Exploits0References1
OSV
OSV
added 2024/04/15 8:15 p.m.4 views

CVE-2024-23560

HCL DevOps Deploy / HCL Launch could be vulnerable to incomplete revocation of permissions when deleting a custom security resource type...

4.9CVSS5.8AI score0.00324EPSS
Exploits0References1
Rows per page
Query Builder