📦 Hcl Devops Deploy

CVE-2025-0255 is an OS command injection vulnerability in HCL DevOps Deploy/Launch that allows authenticated privileged attackers to execute arbitrary commands on affected systems. This affects organi...

In HCL DevOps Deploy versions 8.1.2.0 through 8.1.2.3, users with LLM configuration privileges can recover previously saved credentials used for authenticated LLM queries. This credential exposure vul...

This vulnerability in HCL BigFix Remote Control Lite Web Portal allows attackers to bypass Content Security Policy restrictions and execute malicious JavaScript code in web pages. It affects organizat...

HCL DevOps Deploy/Launch has a race condition in HTTP session IP binding that may allow brief session reuse from a new IP address before invalidation. This could enable unauthorized access under speci...

HCL DevOps Deploy transmits sensitive information in cleartext over HTTP instead of redirecting to HTTPS as intended. This allows attackers with network access to intercept or modify user credentials ...

HCL DevOps Deploy/Launch is vulnerable to HTML injection, allowing authenticated users to embed arbitrary HTML in the web interface. This could lead to information disclosure through crafted pages. Af...

HCL DevOps Deploy/Launch stores authentication tokens in log files that local users can read. This allows unauthorized access to sensitive credentials. Organizations using affected versions of these p...

This vulnerability in HCL DevOps Deploy/Launch allows authenticated users to access sensitive information about other users due to insufficient authorization checks. It affects organizations using the...

This vulnerability in HCL BigFix Remote Control Lite Web Portal allows attackers to execute malicious code by exploiting improper path-relative stylesheet import handling. It affects web portal versio...