IBM DevOps Plan 安全漏洞

IBM DevOps Plan is a change management collaboration platform provided by the American multinational company International Business Machines IBM. Versions of IBM DevOps Plan 3.0.0 and earlier contained security vulnerabilities. These vulnerabilities were due to improper account locking settings,...

devops-security-pipeline-poc

DevOps Security Pipeline POC A security-integrated CI/CD pipe...

Security Bulletin: IBM DevOps Plan REST APIs are vulnerable to exposure of sensitive data through request query parameters. (CVE-2025-36364)

Summary A vulnerability has been identified in IBM DevOps Plan REST APIs where sensitive data is transmitted via request query parameters. Vulnerability Details CVEID:CVE-2025-36364 DESCRIPTION: IBM DevOps Plan allows web page cache to be stored locally which can be read by another user on the...

Security Bulletin: A security vulnerability have been identified in IBM WebSphere Application Server shipped with IBM DevOps Code ClearCase [CVE-2025-13333]

Summary IBM WebSphere Application Server WAS is shipped as a component of IBM DevOps Code ClearCase. Information about security vulnerabilities affecting WAS have been published in security bulletins. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...

Security Updates for Azure DevOps 2022 XSS (February 2026)

The Microsoft Team Foundation Server is missing a security update. It is, therefore, affected by the following vulnerability: - A session spoofing vulnerability exists. An attacker can exploit this to perform actions with the privileges of another user. CVE-2026-21512 Note that Nessus has not...

CVE-2026-21512

Server-side request forgery ssrf in Azure DevOps Server allows an authorized attacker to perform spoofing over a network...

Security Bulletin: Multiple security vulnerabilities have been identified in IBM WebSphere Application Server shipped with IBM DevOps Code ClearCase [CVE-2025-53066 ,CVE-2025-53057]

Summary IBM WebSphere Application Server WAS is shipped as a component of IBM DevOps Code ClearCase. Information about security vulnerabilities affecting WAS have been published in security bulletins. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...

CVE-2026-21512

Server-side request forgery ssrf in Azure DevOps Server allows an authorized attacker to perform spoofing over a network...

CVE-2026-21512

Server-side request forgery ssrf in Azure DevOps Server allows an authorized attacker to perform spoofing over a network...

CVE-2026-21512 Azure DevOps Server Cross-Site Scripting Vulnerability

...

CVE-2026-21512

Server-side request forgery ssrf in Azure DevOps Server allows an authorized attacker to perform spoofing over a network...

CVE-2026-21512

CVE-2026-21512 describes a server-side request forgery vulnerability in Azure DevOps Server . The connected documents consistently state an SSRF issue that enables an authorized attacker to perform spoofing over a network , effectively allowing impersonation of another user within affected compon...

CVE-2026-21512 Azure DevOps Server Cross-Site Scripting Vulnerability

...

Azure DevOps Server Cross-Site Scripting Vulnerability

Server-side request forgery ssrf in Azure DevOps Server allows an authorized attacker to perform spoofing over a network...

Microsoft Azure DevOps Server 代码问题漏洞

Microsoft Azure DevOps Server is a software development collaboration tool provided by the American company Microsoft. This product includes features such as shared code, work tracking, and software release management. There are code-related vulnerabilities in Microsoft Azure DevOps Server...

PT-2026-7398

Server-side request forgery ssrf in Azure DevOps Server allows an authorized attacker to perform spoofing over a network...

Security Bulletin: Multiple security vulnerabilities have been identified in IBM WebSphere Application Server shipped with IBM DevOps Code ClearCase (CVE-2026-21925, CVE-2026-21945)

Summary IBM WebSphere Application Server WAS is shipped as a component of IBM DevOps Code ClearCase. Information about security vulnerabilities affecting WAS have been published in security bulletins. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...

Security Bulletin: A security vulnerability have been identified in IBM WebSphere Application Server shipped with IBM DevOps Code ClearCase (CVE-2025-30754)

Summary IBM WebSphere Application Server WAS is shipped as a component of IBM DevOps Code ClearCase. Information about security vulnerabilities affecting WAS have been published in security bulletins. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...

Security Bulletin: Multiple security vulnerabilities have been identified in IBM HTTP Server shipped with IBM DevOps Code ClearCase [CVE-2025-66200, CVE-2025-59375, CVE-2025-65082, CVE-2025-59775, CVE-2025-58098]

Summary IBM HTTP Server IHS is shipped as a component of IBM DevOps Code ClearCase. Information about a security vulnerability affecting IHS has been published in a security bulletin. CVE-2025-66200, CVE-2025-59375, CVE-2025-65082, CVE-2025-59775, CVE-2025-58098 Vulnerability Details Refer to the...

Security Bulletin: A security vulnerability have been identified in IBM WebSphere Application Server shipped with IBM DevOps Code ClearCase (CVE-2025-12635)

Summary IBM WebSphere Application Server WAS is shipped as a component of IBM DevOps Code ClearCase. Information about security vulnerabilities affecting WAS have been published in security bulletins. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...