Ucd Ibm Urbancode Deploy Ucd Ibm Urbancode Deploy

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in Ucd Ibm Urbancode Deploy.

By the Year

In 2026 there have been 2 vulnerabilities in Ucd Ibm Urbancode Deploy with an average score of 6.4 out of ten. Last year, in 2025 Ucd Ibm Urbancode Deploy had 1 security vulnerability published. That is, 1 more vulnerability have already been reported in 2026 as compared to last year. However, the average CVE base score of the vulnerabilities in 2026 is greater by 1.35.

Year Vulnerabilities Average Score
2026 2 6.35
2025 1 5.00

It may take a day or so for new Ucd Ibm Urbancode Deploy vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Ucd Ibm Urbancode Deploy Security Vulnerabilities

IBM UCD/DevOps Deploy 7.3-8.2 API Response Sensitive Disclosure
CVE-2026-12085 6.5 - Medium - June 30, 2026

IBM UCD - IBM UrbanCode Deploy 7.3 through 7.3.2.18 and IBM UCD - IBM DevOps Deploy 8.0 through 8.0.1.13, 8.1 through 8.1.2.6, and 8.2 through 8.2.1.0 IBM DevOps Deploy could disclose sensitive configurations and secrets to authenticated users in API responses that could be used in further attacks against the system.

Insertion of Sensitive Information Into Sent Data

IBM UrbanCode Deploy UCD 7.2-8.2 - Sensitive Log File Leakage
CVE-2026-12086 6.2 - Medium - June 30, 2026

IBM UCD - IBM UrbanCode Deploy 7.2 through 7.2.3.23, and 7.3 through 7.3.2.18 and IBM UCD - IBM DevOps Deploy 8.0 through 8.0.1.13, 8.1 through 8.1.2.6, and 8.2 through 8.2.1.0 stores potentially sensitive information in log files that could be read by a local user.

Insertion of Sensitive Information into Log File

IBM UrbanCode Deploy 7.x-8.x Race Condition: http-session IP BND
CVE-2025-36360 5 - Medium - December 15, 2025

IBM UCD - IBM UrbanCode Deploy 7.1 through 7.1.2.27, 7.2 through 7.2.3.20, and 7.3 through 7.3.2.15 and IBM UCD - IBM DevOps Deploy 8.0 through 8.0.1.10, and 8.1 through 8.1.2.3 is susceptible to a race condition in http-session client-IP binding enforcement which may allow a session to be briefly reused from a new IP address before it is invalidated, potentially enabling unauthorized access under certain network conditions.

Insufficient Session Expiration

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Ucd Ibm Urbancode Deploy or by IBM? Click the Watch button to subscribe.

IBM
Vendor

subscribe