176 matches found
HCL DevOps Deploy 安全漏洞
HCL DevOps Deploy is an application from HCL India. It can be mapped to your organizational structure using flexible team-based and role-based security models. HCL DevOps Deploy has a security vulnerability that stems from the explicit transmission of sensitive information, which could lead to th...
HCL Launch和HCL DevOps Deploy 安全漏洞
HCL Launch and HCL DevOps Deploy are both products of HCL India.HCL Launch is a multi-functional, enterprise-grade continuous delivery automation software. Used to handle the most complex deployment processes in DevOps.HCL DevOps Deploy is an application. Can be mapped to your organizational...
CVE-2025-36360
IBM UCD - IBM UrbanCode Deploy 7.1 through 7.1.2.27, 7.2 through 7.2.3.20, and 7.3 through 7.3.2.15 and IBM UCD - IBM DevOps Deploy 8.0 through 8.0.1.10, and 8.1 through 8.1.2.3 is susceptible to a race condition in http-session client-IP binding enforcement which may allow a session to be briefl...
CVE-2025-36360
IBM UCD - IBM UrbanCode Deploy 7.1 through 7.1.2.27, 7.2 through 7.2.3.20, and 7.3 through 7.3.2.15 and IBM UCD - IBM DevOps Deploy 8.0 through 8.0.1.10, and 8.1 through 8.1.2.3 is susceptible to a race condition in http-session client-IP binding enforcement which may allow a session to be briefl...
CVE-2025-14148
IBM UCD - IBM DevOps Deploy 8.1 through 8.1.2.3 could allow an authenticated user with LLM integration configuration privileges to recover a previously saved LLM API Token...
CVE-2025-13489
IBM UCD - IBM DevOps Deploy 8.1 through 8.1.2.3 IBM DevOps Deploy transmits data in clear text that could allow an attacker to obtain sensitive information using man in the middle techniques...
CVE-2025-13489
IBM UCD - IBM DevOps Deploy 8.1 through 8.1.2.3 IBM DevOps Deploy transmits data in clear text that could allow an attacker to obtain sensitive information using man in the middle techniques...
CVE-2025-13489 IBM DevOps Deploy is susceptible to a Cleartext Transmission of Sensitive Information
IBM UCD - IBM DevOps Deploy 8.1 through 8.1.2.3 IBM DevOps Deploy transmits data in clear text that could allow an attacker to obtain sensitive information using man in the middle techniques...
CVE-2025-13489 IBM DevOps Deploy is susceptible to a Cleartext Transmission of Sensitive Information
IBM UCD - IBM DevOps Deploy 8.1 through 8.1.2.3 IBM DevOps Deploy transmits data in clear text that could allow an attacker to obtain sensitive information using man in the middle techniques...
CVE-2025-13489
Affected product / component: IBM DevOps Deploy (UCD) versions 8.1 through 8.1.2.3. Root cause / vulnerability detail: Transmits data in clear text, enabling a potential man‑in‑the‑middle to obtain sensitive information. Impact (as stated): Confidentiality impact HIGH; no impact to integrity or a...
CVE-2025-14148 IBM DevOps Deploy is susceptible to a Insufficiently Protected Credentials vulnerability
IBM UCD - IBM DevOps Deploy 8.1 through 8.1.2.3 could allow an authenticated user with LLM integration configuration privileges to recover a previously saved LLM API Token...
CVE-2025-14148 IBM DevOps Deploy is susceptible to a Insufficiently Protected Credentials vulnerability
IBM UCD - IBM DevOps Deploy 8.1 through 8.1.2.3 could allow an authenticated user with LLM integration configuration privileges to recover a previously saved LLM API Token...
CVE-2025-14148
CVE-2025-14148 affects IBM UCD - IBM DevOps Deploy versions 8.1 through 8.1.2.3. An authenticated user with LLM integration configuration privileges can recover a previously saved LLM API Token, exposing credentials. Root cause identified as insufficiently protected credentials (CWE-522). CVSSv3....
CVE-2025-36360
IBM UrbanCode Deploy (UCD) and IBM DevOps Deploy are affected by a race condition in http-session client-IP binding enforcement that may allow a session to be briefly reused from a new IP before invalidation, potentially enabling unauthorized access under certain network conditions. Affected vers...
CVE-2025-36360 IBM DevOps Deploy / IBM UrbanCode Deploy (UCD) is susceptible to an Insufficient Session Expiration vulnerability
IBM UCD - IBM UrbanCode Deploy 7.1 through 7.1.2.27, 7.2 through 7.2.3.20, and 7.3 through 7.3.2.15 and IBM UCD - IBM DevOps Deploy 8.0 through 8.0.1.10, and 8.1 through 8.1.2.3 is susceptible to a race condition in http-session client-IP binding enforcement which may allow a session to be briefl...
CVE-2025-36360 IBM DevOps Deploy / IBM UrbanCode Deploy (UCD) is susceptible to an Insufficient Session Expiration vulnerability
IBM UCD - IBM UrbanCode Deploy 7.1 through 7.1.2.27, 7.2 through 7.2.3.20, and 7.3 through 7.3.2.15 and IBM UCD - IBM DevOps Deploy 8.0 through 8.0.1.10, and 8.1 through 8.1.2.3 is susceptible to a race condition in http-session client-IP binding enforcement which may allow a session to be briefl...
IBM DevOps Deploy 安全漏洞
IBM DevOps Deploy is an application release solution from International Business Machines IBM, Inc. Standardizes and simplifies the process of deploying software components to each environment during the development cycle. A security vulnerability exists in IBM DevOps Deploy versions 8.1 through...
IBM DevOps Deploy 安全漏洞
IBM DevOps Deploy is an application release solution from International Business Machines IBM, Inc. Standardizes and simplifies the process of deploying software components to each environment during the development cycle. A security vulnerability exists in IBM DevOps Deploy versions 8.1 through...
PT-2025-51280
Name of the Vulnerable Software and Affected Versions IBM DevOps Deploy versions 8.1 through 8.1.2.3 Description An authenticated user with LLM integration configuration privileges may be able to recover a previously saved LLM API Token. Recommendations Update to a version later than 8.1.2.3...
PT-2025-51282
Name of the Vulnerable Software and Affected Versions IBM UrbanCode Deploy versions 7.1 through 7.1.2.27 IBM UrbanCode Deploy versions 7.2 through 7.2.3.20 IBM UrbanCode Deploy versions 7.3 through 7.3.2.15 IBM DevOps Deploy versions 8.0 through 8.0.1.10 IBM DevOps Deploy versions 8.1 through...