CVE-2024-42195
- EPSS 0.82%
- Veröffentlicht 05.12.2024 05:15:06
- Zuletzt bearbeitet 21.04.2025 16:50:52
HCL DevOps Deploy / HCL Launch is vulnerable to HTML injection. This vulnerability may allow a user to embed arbitrary HTML tags in the Web UI potentially leading to sensitive information disclosure.
CVE-2024-23558
- EPSS 0.12%
- Veröffentlicht 15.04.2024 21:15:07
- Zuletzt bearbeitet 11.04.2025 18:14:35
HCL DevOps Deploy / HCL Launch does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system.
CVE-2024-23561
- EPSS 0.38%
- Veröffentlicht 15.04.2024 21:15:07
- Zuletzt bearbeitet 11.04.2025 18:16:41
HCL DevOps Deploy / HCL Launch is vulnerable to sensitive information disclosure vulnerability due to insufficient obfuscation of sensitive values.
CVE-2024-23560
- EPSS 0.13%
- Veröffentlicht 15.04.2024 20:15:10
- Zuletzt bearbeitet 11.04.2025 18:25:49
HCL DevOps Deploy / HCL Launch could be vulnerable to incomplete revocation of permissions when deleting a custom security resource type.
CVE-2024-23559
- EPSS 0.41%
- Veröffentlicht 15.04.2024 18:15:10
- Zuletzt bearbeitet 11.04.2025 14:33:49
HCL DevOps Deploy / Launch is generating an obsolete HTTP header.
CVE-2024-23550
- EPSS 0.05%
- Veröffentlicht 03.02.2024 06:15:48
- Zuletzt bearbeitet 03.06.2025 19:15:38
HCL DevOps Deploy / HCL Launch (UCD) could disclose sensitive user information when installing the Windows agent.