Lucene search
+L

5 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 8:56 a.m.11 views

CVE-2023-40034

Woodpecker is a community fork of the Drone CI system. In affected versions an attacker can post malformed webhook data witch lead to an update of the repository data that can e.g. allow the takeover of an repo. This is only critical if the CI is configured for public usage and connected to a for...

8.1CVSS6.8AI score0.00716EPSS
Exploits0References1
CVE
CVE
added 2023/08/16 8:48 p.m.86 views

CVE-2023-40034

CVE-2023-40034 affects Woodpecker CI (community fork of Drone CI). The vulnerability: attackers can post malformed webhook data to trigger repository data updates, potentially allowing takeover of a repository when the CI is public and connected to a public forge. The issue is addressed in versio...

8.1CVSS8AI score0.00716EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2023/08/16 8:48 p.m.54 views

CVE-2023-40034 Repositoty takeover in woodpecker-ci

Woodpecker is a community fork of the Drone CI system. In affected versions an attacker can post malformed webhook data witch lead to an update of the repository data that can e.g. allow the takeover of an repo. This is only critical if the CI is configured for public usage and connected to a for...

8.1CVSS8.3AI score0.00716EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2023/08/16 8:48 p.m.13 views

CVE-2023-40034 Repositoty takeover in woodpecker-ci

Woodpecker is a community fork of the Drone CI system. In affected versions an attacker can post malformed webhook data witch lead to an update of the repository data that can e.g. allow the takeover of an repo. This is only critical if the CI is configured for public usage and connected to a for...

8.1CVSS8.1AI score0.00716EPSS
Exploits0References4
OSV
OSV
added 2023/08/16 8:48 p.m.31 views

CVE-2023-40034 Repositoty takeover in woodpecker-ci

Woodpecker is a community fork of the Drone CI system. In affected versions an attacker can post malformed webhook data witch lead to an update of the repository data that can e.g. allow the takeover of an repo. This is only critical if the CI is configured for public usage and connected to a for...

8.1CVSS8AI score0.00716EPSS
Exploits0References6
Rows per page
Query Builder