CVE-2024-35266 Azure DevOps Server Spoofing Vulnerability

...

CVE-2024-35266

Azure DevOps Server Spoofing Vulnerability (CVE-2024-35266) affects Microsoft Azure DevOps Server/TFS. The incident arises from a spoofing flaw in the server, enabling a threat actor to impersonate another user over the network. The CVSS v3.1 base score is 7.6 (HIGH), with network access required...

CVE-2024-35266 Azure DevOps Server Spoofing Vulnerability

...

Azure DevOps Server Spoofing Vulnerability

...

Azure DevOps Server Spoofing Vulnerability

...

Security Updates for Microsoft Team Foundation Server and Azure DevOps Server (July 2024)

The Microsoft Team Foundation Server or Azure DevOps is missing security updates. It is, therefore, affected by multiple vulnerabilities: - A session spoofing vulnerability exists. An attacker can exploit this to perform actions with the privileges of another user. CVE-2024-35266, CVE-2024-35267...

Microsoft Azure DevOps Server Security Vulnerability

Microsoft Azure DevOps Server is a suite of software development collaboration tools from Microsoft Corporation USA. The product includes features such as code sharing, work tracking, and software distribution. A security vulnerability exists in Microsoft Azure DevOps Server. An attacker exploits...

PT-2024-4740 · Microsoft · Azure Devops Server

Name of the Vulnerable Software and Affected Versions: Azure DevOps Server affected versions not specified Description: The issue is related to the Azure DevOps Server development software and is associated with the failure to take measures to protect the web page structure. Exploitation of this...

PT-2024-4741 · Microsoft · Azure Devops Server

Name of the Vulnerable Software and Affected Versions: Azure DevOps Server affected versions not specified Description: The issue is related to the Azure DevOps Server development software and is associated with a lack of protection for the web page structure. This can allow a remote attacker to...

Microsoft Azure DevOps Server Security Vulnerability

Microsoft Azure DevOps Server is a suite of software development collaboration tools from Microsoft Corporation USA. The product includes features such as code sharing, work tracking, and software distribution. A security vulnerability exists in Microsoft Azure DevOps Server. An attacker exploits...

Security Bulletin: Multiple security vulnerabilities have been identified in IBM WebSphere Application Server shipped with IBM DevOps Code ClearCase (CVE-2024-37532)

Summary IBM WebSphere Application Server WAS is shipped as a component of IBM DevOps Code ClearCase. Information about security vulnerabilities affecting WAS have been published in security bulletins. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...

agenta (>=0.14.1a0 <=0.14.7a1), agentic-devops (>=0.0.5 <=0.0.9) +73 more potentially affected by CVE-2024-5710 via litellm (>=0.11.1 <=1.40.13)

litellm PYPI version =0.11.1, =0.14.1a0, =0.0.5, =0.2.0, =0.29.0, =0.1.5, =0.1.0, =1.3.0, =0.1.0, =0.0.1, =0.0.0, =0.114.0, =0.0.1, =0.0.2 and more Source cves: CVE-2024-5710 Source advisory: OSV:GHSA-QQCV-VG9F-5RR3...

Malicious code in eu.tsystems.mms.tic.testerra.plugins.azuredevops.annotation.azuretest (npm)

--- -= Per source details. Do not edit below this line.=-...

MAL-2024-2338 Malicious code in eu.tsystems.mms.tic.testerra.plugins.azuredevops.annotation.azuretest (npm)

--- -= Per source details. Do not edit below this line.=-...

Malicious code in aws-ecs-devops-using-aws-cdk (npm)

--- -= Per source details. Do not edit below this line.=-...

MAL-2024-1791 Malicious code in aws-ecs-devops-using-aws-cdk (npm)

--- -= Per source details. Do not edit below this line.=-...

Security Bulletin: Multiple security vulnerabilities have been identified in IBM HTTP Server shipped with IBM DevOps Code ClearCase [CVE-2024-24795, CVE-2023-38709]

Summary IBM HTTP Server IHS is shipped as a component of IBM DevOps Code ClearCase. Information about a security vulnerability affecting IHS has been published in a security bulletin. CVE-2024-24795, CVE-2023-38709 Vulnerability Details Refer to the security bulletins listed in the...

Security Bulletin: A security vulnerability has been identified in IBM HTTP Server shipped with IBM DevOps Code ClearCase [CVE-2023-52425]

Summary IBM HTTP Server IHS is shipped as a component of IBM DevOps Code ClearCase. Information about a security vulnerability affecting IHS has been published in a security bulletin. CVE-2023-52425 Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...

Security Bulletin: IBM DevOps Release addresses multiple vulnerabilities.

Summary IBM DevOps Release 7.0.0.2 addresses multiple vulnerabilities. Vulnerability Details CVEID:CVE-2014-3643 DESCRIPTION: Jersey could allow a remote attacker to obtain sensitive information, caused by an XML external entity XXE error when processing XML data by jersey SAX parser. By sending ...

Security Bulletin: Multiple vulnerabilities in Open JDK affecting Rational Functional Tester / DevOps Test UI

Summary There are multiple vulnerabilities in Open JDK Version 8, OpenJ9 used by Rational Functional Tester RFT / DevOps Test UI. RFT has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2024-21085 DESCRIPTION: An unspecified vulnerability in Java SE related to the VM component coul...