3 matches found
CVE-2026-12086
CVE-2026-12086 affects IBM UrbanCode Deploy (UCD) and IBM DevOps Deploy (IDD): versions 7.2 (up to 7.2.3.23), 7.3 (up to 7.3.2.18), 8.0 (up to 8.0.1.13), 8.1 (up to 8.1.2.6), and 8.2 (up to 8.2.1.0) store potentially sensitive information in log files readable by local users. Root cause is insert...
CVE-2026-12085
IBM DevOps Deploy / IBM UrbanCode Deploy (UCD) are affected by CVE-2026-12085, which allows authenticated users to view sensitive configurations and secrets in API responses. Affected versions include UCD 7.3 through 7.3.2.18 and IBM DevOps Deploy 8.0 through 8.0.1.13, 8.1 through 8.1.2.6, and 8....
CVE-2026-12084
IBM DevOps Deploy / IBM UrbanCode Deploy (UCD) is affected by CVE-2026-12084 due to a permissive Cross-Domain Security Policy with untrusted domains in UCD versions 8.1–8.1.2.6 and 8.2–8.2.1.0. This CORS misconfiguration could allow an attacker to perform privileged actions and retrieve sensitive...