CVE-2021-21412
Potential for arbitrary code execution in npm package @thi.ng/egf `#gpg`-tagged property values (only if `decrypt: true` option is enabled). PR with patch has been submitted…
Devamını oku
Kategori: Güvenlik Açıkları
CVE-2021-20352 (engineering_insights, engineering_lifecycle_management, engineering_requirements_quality_assistant_on-premises, engineering_workflow_management, rational_engineering_lifecycle_manager, rational_team_concert)
IBM Jazz Foundation Products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the…
CVE-2021-20447 (engineering_insights, engineering_lifecycle_management, engineering_requirements_quality_assistant_on-premises, engineering_workflow_management, rational_engineering_lifecycle_manager, rational_team_concert)
IBM Jazz Foundation Products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the…
CVE-2021-20502 (engineering_insights, engineering_lifecycle_management, engineering_requirements_quality_assistant_on-premises, engineering_workflow_management, rational_engineering_lifecycle_manager, rational_team_concert)
IBM Jazz Foundation Products are vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability…
CVE-2021-20503 (engineering_insights, engineering_lifecycle_management, engineering_requirements_quality_assistant_on-premises, engineering_workflow_management, rational_engineering_lifecycle_manager, rational_team_concert)
IBM Jazz Foundation Products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the…
CVE-2021-20504 (engineering_insights, engineering_lifecycle_management, engineering_requirements_quality_assistant_on-premises, engineering_workflow_management, rational_engineering_lifecycle_manager, rational_team_concert)
IBM Jazz Foundation Products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the…
CVE-2021-20506 (engineering_insights, engineering_lifecycle_management, engineering_requirements_quality_assistant_on-premises, engineering_workflow_management, rational_engineering_lifecycle_manager, rational_team_concert)
IBM Jazz Foundation Products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the…
CVE-2021-20518 (engineering_insights, engineering_lifecycle_management, engineering_requirements_quality_assistant_on-premises, engineering_workflow_management, rational_engineering_lifecycle_manager, rational_team_concert)
IBM Jazz Foundation Products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the…
CVE-2021-20520 (engineering_insights, engineering_lifecycle_management, engineering_requirements_quality_assistant_on-premises, engineering_workflow_management, rational_engineering_lifecycle_manager, rational_team_concert)
IBM Jazz Foundation Products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the…
CVE-2021-20482
IBM Cloud Pak for Automation 20.0.2 and 20.0.3 IF002 are vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote…