3 matches found
CVE-2024-22349
CVE-2024-22349 affects IBM UrbanCode Velocity 4.0.0–4.0.25 and IBM DevOps Velocity 5.0.0, where web pages can be stored locally and read by another user on the system. The underlying issue is a local- reading exposure (no exploit details provided in the supplied docs). IBM’s advisory notes remedi...
CVE-2024-22347
CVE-2024-22347 (IBM UrbanCode Velocity / IBM DevOps Velocity) affects IBM UrbanCode Velocity 4.0.0 – 4.0.25 and IBM DevOps Velocity 5.0.0. The vulnerability stems from the use of weaker-than-expected cryptographic algorithms, which could allow an attacker to decrypt highly sensitive information. ...
CVE-2024-22348
CVE-2024-22348 concerns IBM UrbanCode Velocity and IBM DevOps Velocity. According to the primary entry and corroborating Red Hat/IBM security notes, the vulnerability stems from Cross‑Origin Resource Sharing (CORS) configurations that do not restrict the domain name to trusted origins. Affected p...