CVE-2025-47906 vulnerabilities

Vulnerabilities for packages: container-object-storage-interface, kuberay-operator, terraform-provider-time, kube-vip-cloud-provider, octo-sts, rancher-machine, vexctl, php-fpmexporter, confluent-common-docker, addon-resizer, sftpgo-plugin-pubsub, knative-serving,...

GHSA-GWRF-JF3H-W649 vulnerabilities

Vulnerabilities for packages: container-object-storage-interface, kuberay-operator, terraform-provider-time, kube-vip-cloud-provider, octo-sts, rancher-machine, vexctl, php-fpmexporter, confluent-common-docker, addon-resizer, sftpgo-plugin-pubsub, knative-serving,...

GHSA-GWRF-JF3H-W649 vulnerabilities

Vulnerabilities for packages: sftpgo-plugin-pubsub, yace-fips, prometheus-process-exporter, consul-fips, prometheus-adapter, memcached-exporter-fips, blob-csi-fips, cloud-provider-aws, terraform-provider-tls-fips, cluster-autoscaler-fips, etcd-fips, mattmoor-chainit, pvc-autoresizer, octo-sts,...

CVE-2025-59457

In JetBrains TeamCity before 2025.07.2 missing Git URL validation allowed credential leakage on Windows...

JetBrains TeamCity Credentials Disclosure Vulnerability

JetBrains TeamCity is a Continuous Integration/Continuous Deployment CI/CD tool developed by JetBrains to automate the software build, test, and deployment process with support for multiple programming languages and tools. JetBrains TeamCity suffers from a credential disclosure vulnerability that...

Important: Red Hat Security Advisory: OpenShift Container Platform 4.13.60 bug fix and security update

Red Hat OpenShift Container Platform release 4.13.60 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a...

[SECURITY] Fedora 42 Update: forgejo-12.0.3-1.fc42

Forgejo pronounced /for=CB=88d=CD=A1=CA=92e.jo/ is a lightweight software f orge. Use it to host git repositories, track their issues and allow people to contribute to them!...

[SECURITY] Fedora 43 Update: forgejo-12.0.3-1.fc43

Forgejo pronounced /for=CB=88d=CD=A1=CA=92e.jo/ is a lightweight software f orge. Use it to host git repositories, track their issues and allow people to contribute to them!...

JetBrains TeamCity < 2025.07.2 Information Disclosure (Windows)

The version of JetBrains TeamCity installed on the remote Windows host is prior to 2025.07.2. It is, therefore, affected by an information disclosure vulnerability due to missing Git URL validation. An authenticated, remote attacker can exploit this to cause credential leakage. Note that Nessus h...

Security Bulletin: IBM Watsonx BI is affected by a vulnerability found in yarnpkg Yarn up to 1.22.22. It has been classified as problematic.

Summary Watsonx BI has a vulnerability found in yarnpkg Yarn up to 1.22.22. It has been classified as problematic. Affected is the function explodeHostedGitFragment of the file src/resolvers/exotics/hosted-git-resolver.js. The manipulation leads to inefficient regular expression complexity...

CVE-2025-59457

In JetBrains TeamCity before 2025.07.2 missing Git URL validation allowed credential leakage on Windows...

CVE-2025-59457

In JetBrains TeamCity before 2025.07.2 missing Git URL validation allowed credential leakage on Windows...

CVE-2025-59457

CVE-2025-59457 affects JetBrains TeamCity before 2025.07.2. The issue is a missing Git URL validation that can lead to credential leakage on Windows. Root cause: lack of proper validation for Git URLs. Impact: potential disclosure of credentials (high confidentiality impact) with network attack v...

CVE-2025-59457

In JetBrains TeamCity before 2025.07.2 missing Git URL validation allowed credential leakage on Windows...

CVE-2025-59457

In JetBrains TeamCity before 2025.07.2 missing Git URL validation allowed credential leakage on Windows...

JetBrains TeamCity 安全漏洞

JetBrains TeamCity is a Continuous Integration/Continuous Deployment CI/CD tool developed by JetBrains to automate the software build, test, and deployment process with support for multiple programming languages and tools. JetBrains TeamCity suffers from a credential disclosure vulnerability that...

PT-2025-38135

Name of the Vulnerable Software and Affected Versions: TeamCity versions prior to 2025.07.2 Description: A missing Git URL validation in TeamCity allowed credential leakage on Windows systems. Recommendations: Update TeamCity to version 2025.07.2 or later...

MAL-2025-47259 Malicious code in @operato/layout (npm)

The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 44a552d4764e4a94731bc775f336a42c5c009c3087c446620633144c2b27a31d Any computer that has this package installed or running should be considered fully compromised. All...

MAL-2025-47406 Malicious code in mstate-angular (npm)

The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4c320e2bfb6910ff89bb8610f780de83ce7f70dee3f8dfd5fff63bfda666a28c Any computer that has this package installed or running should be considered fully compromised. All...

Malicious code in @art-ws/openapi (npm)

The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 95bf1ca6cf44627c0e79bccad94ab171021ece601814ac65cc70d055d925a3f0 Any computer that has this package installed or running should be considered fully compromised. All...