PT-2024-34301 · Unknown · Administrator Z

Name of the Vulnerable Software and Affected Versions: Administrator Z versions n/a through 2024.11.04 Description: The issue is related to an Improper Neutralization of Special Elements used in an SQL Command, also known as a SQL Injection vulnerability. This allows for Blind SQL Injection, whic...

CVE-2024-47762 Unexpected visibility of environment variable configurations in @backstage/plugin-app-backend

Backstage is an open framework for building developer portals. Configuration supplied through APPCONFIG environment variables, for example APPCONFIGbackendlistenport=7007, where unexpectedly ignoring the visibility defined in configuration schema. This occurred even if the configuration schema...

CVE-2024-47762 Unexpected visibility of environment variable configurations in @backstage/plugin-app-backend

Backstage is an open framework for building developer portals. Configuration supplied through APPCONFIG environment variables, for example APPCONFIGbackendlistenport=7007, where unexpectedly ignoring the visibility defined in configuration schema. This occurred even if the configuration schema...

GHSA-6HVV-J432-23CV Weave GitOps Terraform Controller Information Disclosure Vulnerability

Impact A vulnerability has been identified in Weave GitOps Terraform Controller which could allow an authenticated remote attacker to view sensitive information. This vulnerability stems from Weave GitOps Terraform Runners tf-runner, where sensitive data is inadvertently printed - potentially...