2 matches found
CVE-2025-14150
CVE-2025-14150 affects IBM webMethods Integration (on prem) Server versions 10.15 through IS_10.15_Core_Fix24 and 11.1 through IS_11.1_Core_Fix8. Root cause: server responses could disclose sensitive user information. Impact: exposure of sensitive information with network access (vector: network,...
GHSA-P3V4-C93G-CMHW BBOT's gitlab.py exposes globally configured "gitlab" API key
Summary bbot's gitlab.py sends the user's "gitlab" API key to on-premise GitLab instances. If a user has configured a gitlab.com API key using this mechanism, it may be leaked to an attacker-controlled server. Impact A user with a "gitlab" API key configured who uses bbot to scan a malicious...