漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
The Chef Habitat builder is impacted by Indirect Object reference(IDOR) by deletion of personal access token
Vulnerability Description
The Chef Habitat builder-api on-prem-builder package with any version lower than habitat/builder-api/10315/20240913162802 is vulnerable to indirect object reference (IDOR) by un-authorized deletion of personal token. Habitat builder consumes builder-api habitat package as a dependency and the vulnerability was specifically due to builder-api habitat package. The fix was made available in habitat/builder-api/10315/20240913162802 and all the subsequent versions after that. We would recommend user to always use on-prem stable channel.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
Vulnerability Type
授权机制不正确
Vulnerability Title
Progress Chef Habitat 安全漏洞
Vulnerability Description
Progress Chef Habitat是美国Progress公司的一种开源解决方案,提供自动化功能,用于定义、打包和交付应用程序到几乎任何环境。 Progress Chef Habitat存在安全漏洞,该漏洞源于容易受到间接对象引用(IDOR)的影响。
CVSS Information
N/A
Vulnerability Type
N/A