23 matches found
CVE-2021-43287
CVE-2021-43287 affects ThoughtWorks GoCD prior to 21.3.0. The vulnerability is an information-disclosure flaw in the default-enabled business-continuity add-on, allowing unauthenticated attackers to leak all secrets known to the GoCD server (e.g., build secrets, encryption keys). The linked sourc...
CVE-2024-56320
GoCD before 24.5.0 is vulnerable to admin privilege escalation via improper authorization of the admin “Configuration XML” UI and related API. An authenticated GoCD user with an existing account can access information intended only for admins or elevate privileges to admin, with exploitation requ...
CVE-2021-43290
ThoughtWorks GoCD before 21.3.0 is affected. An attacker who gains control of a GoCD agent can upload a malicious file into a server directory, with the file name controllable but the directory placed within an untrusted path. Affected component: GoCD server handling uploaded files; root cause: d...
CVE-2022-24832
The CVE-2022-24832 issue affects GoCD where the bundled gocd-ldap-authentication-plugin does not properly escape special characters in LDAP usernames when constructing LDAP queries. This can enable an LDAP-authenticated GoCD user to craft and execute malicious queries to infer facts about other L...
CVE-2021-43288
Summary: CVE-2021-43288 affects ThoughtWorks GoCD before 21.3.0. If an attacker controls a GoCD Agent, they can inject malicious JavaScript into a failed Job Report, enabling cross‑site scripting in affected dashboards. Affected product/branch: ThoughtWorks GoCD server (versions prior to 21.3.0)....
CVE-2022-29184
GoCD vulnerability (CVE-2022-29184) : In GoCD versions prior to 22.1.0, authenticated admins who can edit or create pipeline materials or configuration repositories can trigger remote code execution on the GoCD server by configuring a malicious branch name that abuses Mercurial hooks/aliases duri...
CVE-2021-43286
ThoughtWorks GoCD prior to 21.3.0 is affected by a command-line injection vulnerability in the Git URL “Test Connection” feature. An attacker who has privileges to create a new pipeline can exploit this to execute arbitrary code on the GoCD server. The issue is concrete in GoCD from the public ad...
CVE-2021-43289
CVE-2021-43289 affects ThoughtWorks GoCD prior to 21.3.0. If an attacker compromises a GoCD agent, they can upload a malicious file into an arbitrary directory on the GoCD server, without controlling the filename. This indicates an upload path traversal risk at the server side. The issue is addre...
CVE-2022-29182
GoCD versions 19.11.0–21.4.0 are vulnerable to a DOM-based XSS in the Stage Details > Graphs tab. An attacker-hosted page can abuse the messaging channel between the parent page and the stage-graphs iframe to execute script in the user’s browser context, potentially exfiltrating session cookie...
CVE-2022-29183
CVE-2022-29183 affects ThoughtWorks GoCD (versions 20.2.0–21.4.0). A reflected cross-site scripting vulnerability stems from the pipeline comparison function’s error handling, allowing an attacker to render arbitrary HTML in the returned page and potentially manipulate resources accessible to the...
CVE-2022-39310
CVE-2022-39310 affects GoCD prior to 21.1.0, where an authenticated agent could impersonate another agent due to broken access control and incorrect validation of agent tokens. This could cause disclosure of credentials contained in work packages assigned to other agents. Exploitation requires kn...
CVE-2021-44659
GoCD server version 21.3.0 contains a possible Server Side Request Forgery (SSRF) when adding a new pipeline. The issue stems from how outbound requests are handled/validated, with multiple connected sources attributing the vulnerability to inadequate input validation and configuration of outboun...
CVE-2022-39308
GoCD versions 19.2.0–19.10.0 are vulnerable to a timing-attack in access token validation due to non–constant-time string comparison, potentially enabling brute-forcing of API tokens. The issue is fixed in GoCD 19.11.0. Workarounds include rate limiting or introducing random delays at the GoCD se...
CVE-2022-36088
GoCD Windows installations prior to 22.2.0 allow inadequate permission restrictions when installed outside the default location, potentially enabling a local attacker to modify executables or components of the GoCD server/agent installation. The issue does not affect zip-based installs, installat...
CVE-2022-39309
GoCD server (versions prior to 21.1.0) leaks the symmetric key used to encrypt/decrypt secure variables in configuration to authenticated agents during material serialization. A compromised trusted agent could exfiltrate the key from memory and potentially decrypt secrets for other agents/environ...
CVE-2022-39311
CVE-2022-39311 affects GoCD (continuous delivery server). The vulnerability lies in the Spring RemoteInvocation endpoint, which exposed agent communication and allowed deserialization of arbitrary Java objects, enabling remote code execution on the server. Exploitation requires agent-level authen...
CVE-2024-56324
GoCD versions prior to 24.4.0 allow group admins to abuse the ability to edit raw XML configuration for groups, triggering an XML External Entity (XXE) injection on the GoCD server. This can potentially lead to SSRF, information disclosure, and directory traversal, though exploitation specifics a...
CVE-2024-28866
CVE-2024-28866 (GoCD) affects GoCD versions 19.4.0–23.5.0 with a reflected XSS on the startup loading page via an inadequately validated redirect_to query parameter. An attacker could lure a user to open a crafted link during startup (when the server is starting but not fully started); the attack...
CVE-2021-25924
GoCD versions 19.6.0–21.1.0 are vulnerable to CSRF due to missing protection on the /go/api/config/backup endpoint. An attacker can lure a victim to a malicious link, potentially altering backup configurations or executing commands in the post_backup_script field. The provided sources describe th...
CVE-2024-56321
CVE-2024-56321 (GoCD) affects GoCD 18.9.0–24.4.0. The issue allows admins to abuse the backup configuration “post-backup script” to run arbitrary scripts on the hosting server/container as the GoCD user. In practice, impact is limited since an admin typically has host permissions, but in restrict...
CVE-2024-56322
CVE-2024-56322 affects GoCD (versions 16.7.0 through 24.4.0). The root cause is an abuse of a hidden/unused configuration repository (pipelines as code) feature that enables XML External Entity (XXE) injection on the GoCD Server. This injection is triggered when GoCD scans configuration repositor...
CVE-2023-28630
CVE-2023-28630 affects GoCD versions 20.5.0 through 23.1.0. When backups are enabled but the server cannot access the required backup binaries (pg_dump for PostgreSQL or mysqldump for MySQL), a failure to launch the backup utility can leak the plaintext database password in admin alerts. The flaw...
CVE-2023-28629
GoCD (open-source CI/CD server) prior to version 23.1.0 is vulnerable to stored XSS via a malicious pipeline label configuration in the label template. When a user with pipeline-configure permissions creates a pipeline with crafted label data, the vulnerability can affect browser displays of Valu...