
CVE-2022-39309 – GoCD server secret encryption/decryption key leaked to agents during material serialization
https://notcve.org/view.php?id=CVE-2022-39309
14 Oct 2022 — GoCD is a continuous delivery server. GoCD helps you automate and streamline the build-test-release cycle for continuous delivery of your product. GoCD versions prior to 21.1.0 leak the symmetric key used to encrypt/decrypt any secure variables/secrets in GoCD configuration to authenticated agents. A malicious/compromised agent may then expose that key from memory, and potentially allow an attacker the ability to decrypt secrets intended for other agents/environments if they also are able to obtain access t... • https://github.com/gocd/gocd/commit/691b479f1310034992da141760e9c5d1f5b60e8a • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-499: Serializable Class Containing Sensitive Data CWE-668: Exposure of Resource to Wrong Sphere •

CVE-2022-36088 – GoCD Windows installations outside default location inadequately restrict installation file permissions
https://notcve.org/view.php?id=CVE-2022-36088
07 Sep 2022 — GoCD is a continuous delivery server. Windows installations via either the server or agent installers for GoCD prior to 22.2.0 do not adequately restrict permissions when installing outside of the default location. This could allow a malicious user with local access to the machine on which the GoCD Server or Agent is installed to modify executables or components of the installation. This does not affect zip file-based installs, installations to other platforms, or installations inside `Program Files` or `Program File... • https://github.com/gocd/gocd/commit/96add9605096ab50c5cd4c229be1d503aff506a6 • CWE-269: Improper Privilege Management CWE-284: Improper Access Control •

CVE-2022-29184 – Command Injection/Argument Injection in GoCD
https://notcve.org/view.php?id=CVE-2022-29184
20 May 2022 — GoCD is a continuous delivery server. In GoCD versions prior to 22.1.0, it is possible for existing authenticated users who have permissions to edit or create pipeline materials or pipeline configuration repositories to get remote code execution capability on the GoCD server via configuring a malicious branch name which abuses Mercurial hooks/aliases to exploit a command injection weakness. An attacker would require access to an account with existing GoCD administration permissions to either create/edit (`h... • https://github.com/gocd/gocd/commit/37d35115db2ada2190173f9413cfe1bc6c295ecb • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') •

CVE-2022-29183 – Reflected XSS in GoCD
https://notcve.org/view.php?id=CVE-2022-29183
20 May 2022 — GoCD is a continuous delivery server. GoCD versions 20.2.0 until 21.4.0 are vulnerable to reflected cross-site scripting via abuse of the pipeline comparison function's error handling to render arbitrary HTML into the returned page. This could allow an attacker to trick a victim into executing code which would allow the attacker to operate on, or gain control over the same resources as the victim had access to. This issue is fixed in GoCD 21.4.0. As a workaround, block access to `/go/compare/.*` prior to Go... • https://github.com/gocd/gocd/pull/9829/commits/bda81084c0401234b168437cf35a63390e3064d1 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVE-2022-29182 – DOM-based XSS in GoCD
https://notcve.org/view.php?id=CVE-2022-29182
20 May 2022 — GoCD is a continuous delivery server. GoCD versions 19.11.0 through 21.4.0 (inclusive) are vulnerable to a Document Object Model (DOM)-based cross-site scripting attack via a pipeline run's Stage Details > Graphs tab. It is possible for a malicious script on an attacker-hosted site to execute script that will run within the user's browser context and GoCD session via abuse of a messaging channel used for communication between the parent page and the stage details graph's iframe. This could allow an atta... • https://github.com/gocd/gocd/pull/10190/commits/a256d05de1445e6c77843f098581fc6a66fe4477 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVE-2021-43286
https://notcve.org/view.php?id=CVE-2021-43286
14 Apr 2022 — An issue was discovered in ThoughtWorks GoCD before 21.3.0. An attacker with privileges to create a new pipeline on a GoCD server can abuse a command-line injection in the Git URL "Test Connection" feature to execute arbitrary code. • https://blog.sonarsource.com/gocd-vulnerability-chain • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •

CVE-2021-43288
https://notcve.org/view.php?id=CVE-2021-43288
14 Apr 2022 — An issue was discovered in ThoughtWorks GoCD before 21.3.0. An attacker in control of a GoCD Agent can plant malicious JavaScript into a failed Job Report. • https://blog.sonarsource.com/gocd-vulnerability-chain • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVE-2021-43289
https://notcve.org/view.php?id=CVE-2021-43289
14 Apr 2022 — An issue was discovered in ThoughtWorks GoCD before 21.3.0. An attacker who has compromised a GoCD agent can upload a malicious file into an arbitrary directory of a GoCD server, but does not control the filename. • https://blog.sonarsource.com/gocd-vulnerability-chain • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVE-2021-43290
https://notcve.org/view.php?id=CVE-2021-43290
14 Apr 2022 — An issue was discovered in ThoughtWorks GoCD before 21.3.0. An attacker who has compromised a GoCD agent can upload a malicious file into a directory of a GoCD server. They can control the filename but the directory is placed inside of a directory that they can't control. • https://blog.sonarsource.com/gocd-vulnerability-chain • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVE-2021-43287
https://notcve.org/view.php?id=CVE-2021-43287
14 Apr 2022 — An issue was discovered in ThoughtWorks GoCD before 21.3.0. The business continuity add-on, which is enabled by default, leaks all secrets known to the GoCD server to unauthenticated attackers. • https://github.com/Wrin9/CVE-2021-43287 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •