63 matches found
EUVD-2020-3123
Malware in sbrugna...
EUVD-2020-6509
Malware in sbrugna...
EUVD-2019-7945
Malware in sbrugna...
EUVD-2021-28187
Malicious code in bioql PyPI...
Important: Red Hat Security Advisory: Red Hat OpenShift Dev Spaces 3.23.0 Release.
Red Hat OpenShift Dev Spaces 3.23.0 has been released. Red Hat OpenShift Dev Spaces provides a cloud developer workspace server and a browser-based IDE built for teams and organizations. Dev Spaces runs in OpenShift and is well-suited for container-based development. The 3.23 release is based on...
CVE-2019-17633
For Eclipse Che versions 6.16 to 7.3.0, with both authentication and TLS disabled, visiting a malicious web site could trigger the start of an arbitrary Che workspace. Che with no authentication and no TLS is not usually deployed on a public network but is often used for local installations e.g. ...
Important: Red Hat Security Advisory: Red Hat OpenShift Dev Spaces 3.20.0 release
Red Hat OpenShift Dev Spaces 3.20 has been released. All containers have been updated to include feature enhancements, bug fixes and CVE fixes. Red Hat OpenShift Dev Spaces provides a cloud developer workspace server and a browser-based IDE built for teams and organizations. Dev Spaces runs in...
Moderate: Red Hat Security Advisory: Red Hat OpenShift Dev Spaces 3.19.0 release
Red Hat OpenShift Dev Spaces 3.19 has been released. All containers have been updated to include feature enhancements, bug fixes and CVE fixes. Following the Red Hat Product Security standards this update is rated as having a security impact of Important. The Common Vulnerability Scoring System...
Important: Red Hat Security Advisory: Red Hat OpenShift Dev Spaces 3.17.0 release
Red Hat OpenShift Dev Spaces 3.17 has been released. All containers have been updated to include feature enhancements, bug fixes and CVE fixes. This includes fixes to Critical CVE-2024-21534. Following the Red Hat Product Security standards this update is rated as having a security impact of...
Important: Red Hat Security Advisory: Red Hat OpenShift Dev Spaces 3.16.0 release
Red Hat OpenShift Dev Spaces 3.16 has been released. All containers have been updated to include feature enhancements, bug fixes and CVE fixes. Following the Red Hat Product Security standards this update is rated as having a security impact of Important. The Common Vulnerability Scoring System...
Important: Red Hat Security Advisory: Red Hat OpenShift Dev Spaces 3.15.0 release
Red Hat OpenShift Dev Spaces 3.15 has been released. All containers have been updated to include feature enhancements, bug fixes and CVE fixes. Following the Red Hat Product Security standards this update is rated as having a security impact of Important. The Common Vulnerability Scoring System...
org.eclipse.che.lib:che-tomcat8-slf4j-logback (>=6.10.0 <=7.2.0), org.eclipse.che:assembly-main (>=6.10.0 <=7.2.0) +2 more potentially affected by CVE-2016-8735 via org.apache.tomcat:tomcat-catalina-jmx-remote (>=8.5.23 <=8.5.46)
org.apache.tomcat:tomcat-catalina-jmx-remote MAVEN version =8.5.23, =6.10.0, =6.10.0, =6.10.0, =12.0, =12.7 Source cves: CVE-2016-8735 Source advisory: OSV:GHSA-CW54-59PW-4G8C...
The vulnerability of the Java Eclipse Che development environment server, related to the lack of message integrity checking, allows attackers to carry out “man-in-the-middle” attacks.
The vulnerability of the Java Eclipse Che development environment server is related to the lack of integrity checks for messages. Exploiting this vulnerability allows a remote attacker to perform “man-in-the-middle” attacks...
CVE-2021-41034
The build of some language stacks of Eclipse Che version 6 includes pulling some binaries from an unsecured HTTP endpoint. As a consequence the builds of such stacks are vulnerable to MITM attacks that allow the replacement of the original binaries with arbitrary ones. The stacks involved are Jav...
CVE-2021-41034
The build of some language stacks of Eclipse Che version 6 includes pulling some binaries from an unsecured HTTP endpoint. As a consequence the builds of such stacks are vulnerable to MITM attacks that allow the replacement of the original binaries with arbitrary ones. The stacks involved are Jav...
Design/Logic Flaw
The build of some language stacks of Eclipse Che version 6 includes pulling some binaries from an unsecured HTTP endpoint. As a consequence the builds of such stacks are vulnerable to MITM attacks that allow the replacement of the original binaries with arbitrary ones. The stacks involved are Jav...
CVE-2021-41034
The build of some language stacks of Eclipse Che version 6 includes pulling some binaries from an unsecured HTTP endpoint. As a consequence the builds of such stacks are vulnerable to MITM attacks that allow the replacement of the original binaries with arbitrary ones. The stacks involved are Jav...
CVE-2021-41034
The build of some language stacks of Eclipse Che version 6 includes pulling some binaries from an unsecured HTTP endpoint. As a consequence the builds of such stacks are vulnerable to MITM attacks that allow the replacement of the original binaries with arbitrary ones. The stacks involved are Jav...
CVE-2021-41034
The CVE concerns Eclipse Che v6: builds of language stacks (Java 8 on Alpine/CentOS, Android, and PHP) pull binaries from an unsecured HTTP endpoint, enabling MITM substitution during the build process. The vulnerability affects the build-time retrieval of binaries, not runtime execution. Root ca...
Eclipse Che 安全漏洞
Eclipse Che is an open source Java-based online integrated development environment IDE from the Eclipse Foundation. A security vulnerability exists in Eclipse Che, which stems from a security issue in the language stack build of Eclipse Che version 6. An attacker who successfully exploited the...