Lucene search
K

7 matches found

EUVD
EUVD
added 2026/06/18 2:13 p.m.10 views

EUVD-2026-37897

Woodpecker is a CI/CD engine. Starting in version 3.0.0 and prior to version 3.14.1, a vulnerability in Woodpecker CI's gRPC layer allowed any authenticated agent to impersonate any other agent on the same server by injecting a forged agentid value into outgoing gRPC metadata. The server correctl...

7.1CVSS5.4AI score0.00246EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/06/18 2:13 p.m.7 views

CVE-2026-50141

Woodpecker is a CI/CD engine. Starting in version 3.0.0 and prior to version 3.14.1, a vulnerability in Woodpecker CI's gRPC layer allowed any authenticated agent to impersonate any other agent on the same server by injecting a forged agentid value into outgoing gRPC metadata. The server correctl...

7.1CVSS5.4AI score0.00246EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2026/06/18 2:13 p.m.19 views

CVE-2026-50141 Woodpecker gRPC agent_id metadata can be spoofed- cross-tenant agent impersonation

Woodpecker is a CI/CD engine. Starting in version 3.0.0 and prior to version 3.14.1, a vulnerability in Woodpecker CI's gRPC layer allowed any authenticated agent to impersonate any other agent on the same server by injecting a forged agentid value into outgoing gRPC metadata. The server correctl...

7.1CVSS0.00246EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/01/09 8:34 a.m.6 views

CVE-2024-41122

Woodpecker is a simple yet powerful CI/CD engine with great extensibility. The server allow to create any user who can trigger a pipeline run malicious workflows: 1. Those workflows can either lead to a host takeover that runs the agent executing the workflow. 2. Or allow to extract the secrets w...

8.8CVSS6.7AI score0.00618EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-2240

Malicious code in bioql PyPI...

8.8CVSS6.3AI score0.00618EPSS
Exploits0References9
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/12/19 11:13 a.m.5 views

Malicious code in woodpecker-ci (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware cff5749234f2b25995b0c9e8c5b6baa0434340fe0646aa21e19eef1e6612812a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References3
OSV
OSV
added 2024/12/19 11:13 a.m.2 views

MAL-2024-12060 Malicious code in woodpecker-ci (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware cff5749234f2b25995b0c9e8c5b6baa0434340fe0646aa21e19eef1e6612812a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References3
Rows per page
Query Builder