IBM UrbanCode Deploy（IBM UCD）和IBM DevOps Deploy 代码问题漏洞

IBM UrbanCode Deploy IBM UCD and IBM DevOps Deploy are both products of International Business Machines IBM.IBM UrbanCode Deploy is a suite of application automation deployment tools. The tool is based on an application deployment automation management information model, and through remote agent...

Security Bulletin: IBM DevOps Deploy / IBM UrbanCode Deploy (UCD) is affected by multiple Apache Tomcat vulnerabilities (CVE-2025-55752, CVE-2025-61795)

Summary Apache Tomcat is used by IBM DevOps Deploy / IBM UrbanCode Deploy UCDas part of the user web interface and API. CVE-2025-55752, CVE-2025-61795 Vulnerability Details CVEID:CVE-2025-55752 DESCRIPTION: Relative Path Traversal vulnerability in Apache Tomcat. The fix for bug 60013 introduced a...

Security Bulletin: IBM DevOps Deploy is susceptible to a Cleartext Transmission of Sensitive Information (CVE-2025-13489)

Summary Certain versions of the IBM DevOps Deploy include a configuration file that does not enforce redirecting HTTP traffic to HTTPS as intended CVE-2025-13489 Vulnerability Details CVEID:CVE-2025-13489 DESCRIPTION: IBM DevOps Deploy transmits data in clear text that could allow an attacker to...

Security Bulletin: IBM DevOps Deploy is susceptible to a Insufficiently Protected Credentials vulnerability (CVE-2025-14148)

Summary IBM DevOps Deploy could allow an authenticated user with LLM integration configuration privileges to recover a previously saved LLM API Token. CVE-2025-14148 Vulnerability Details CVEID:CVE-2025-14148 DESCRIPTION: IBM DevOps Deploy could allow an authenticated user with LLM integration...

Security Bulletin: IBM DevOps Deploy / IBM UrbanCode Deploy (UCD) is susceptible to multiple vulnerabilities in Netty (CVE-2025-58056, CVE-2025-58057)

Summary Netty is used by IBM DevOps Deploy / IBM UrbanCode Deploy UCD as part of the agent-server-relay communication system and is affected by CVE-2025-58056, CVE-2025-58057. Vulnerability Details CVEID:CVE-2025-58056 DESCRIPTION: Netty is an asynchronous event-driven network application framewo...

EUVD-2024-21056

Malicious code in bioql PyPI...

EUVD-2024-19920

Malicious code in bioql PyPI...

EUVD-2024-19895

Malicious code in bioql PyPI...

EUVD-2025-7995

Malicious code in bioql PyPI...

EUVD-2025-7994

Malicious code in bioql PyPI...

EUVD-2024-52326

Malicious code in bioql PyPI...

EUVD-2024-45784

Malicious code in bioql PyPI...

EUVD-2024-39431

Malicious code in bioql PyPI...

EUVD-2024-21055

Malicious code in bioql PyPI...

EUVD-2024-19919

Malicious code in bioql PyPI...

EUVD-2025-8284

Malicious code in bioql PyPI...

EUVD-2025-15132

Malicious code in bioql PyPI...

EUVD-2024-21053

Malicious code in bioql PyPI...

EUVD-2025-8494

Malicious code in bioql PyPI...

Security Bulletin: IBM DevOps Deploy / IBM UrbanCode Deploy (UCD) is affected by an Uncontrolled Recursion Vulnerability in Connect2id Nimbus JOSE + JWT (CVE-2025-53864)

Summary Connect2id Nimbus JOSE + JWT is used by IBM DevOps Deploy / IBM UrbanCode Deploy UCD as part of integrating with OpenID Connect providers OIDC and is affected by an Uncontrolled Recursion Vulnerability. CVE-2025-53864. Vulnerability Details CVEID:CVE-2025-53864 DESCRIPTION: Connect2id...