3 matches found
EUVD-2024-53110
Malicious code in bioql PyPI...
CVE-2024-56321 GoCD can allow malicious GoCD admins to abuse backup configuration to gain additional host access
GoCD is a continuous deliver server. GoCD versions 18.9.0 through 24.4.0 inclusive can allow GoCD admins to abuse the backup configuration "post-backup script" feature to potentially execute arbitrary scripts on the hosting server or container as GoCD's user, rather than pre-configured scripts. I...
CVE-2024-56321
CVE-2024-56321 (GoCD) affects GoCD 18.9.0–24.4.0. The issue allows admins to abuse the backup configuration “post-backup script” to run arbitrary scripts on the hosting server/container as the GoCD user. In practice, impact is limited since an admin typically has host permissions, but in restrict...