2 matches found
PT-2024-29278 · Unknown · Woodpecker
Name of the Vulnerable Software and Affected Versions: Woodpecker versions prior to 2.7.0 Description: The issue allows attackers to create malicious workflows that can lead to host takeover or secret leaks. This is possible because the server allows any user to trigger a pipeline run, and those...
PT-2023-3287 · Unknown +1 · Opensearch +1
Name of the Vulnerable Software and Affected Versions: OpenSearch versions prior to 1.3.10 and 2.7.0 Description: The issue is related to the implementation of fine-grained access control rules, including document-level security, field-level security, and field masking. These rules are not...