
CVE-2022-24832 – Bundled ldap-authentication-plugin fails to neutralise LDAP special elements in usernames
https://notcve.org/view.php?id=CVE-2022-24832
11 Apr 2022 — GoCD is an open source continuous delivery server. The bundled gocd-ldap-authentication-plugin included with the GoCD Server fails to correctly escape special characters when using the username to construct LDAP queries. While this does not directly allow arbitrary LDAP data exfiltration, it can allow an existing LDAP-authenticated GoCD user with malicious intent to construct and execute malicious queries, allowing them to deduce facts about other users or entries within the LDAP database (e.g. alternate f... • https://docs.gocd.org/22.1.0/configuration/dev_authentication.html#ldapad-authentication • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •

CVE-2021-44659
https://notcve.org/view.php?id=CVE-2021-44659
22 Dec 2021 — Adding a new pipeline in GoCD server version 21.3.0 has a functionality that could be abused to perform an unintended action in order to achieve a Server Side Request Forgery (SSRF). NOTE: the vendor's position is that the observed behavior is not a vulnerability, because the product's design allows an admin to configure outbound requests. **DISPUTED** • https://github.com/Mesh3l911/CVE-2021-44659 • CWE-918: Server-Side Request Forgery (SSRF) •

CVE-2021-25924
https://notcve.org/view.php?id=CVE-2021-25924
01 Apr 2021 — GoCD versions 19.6.0 to 21.1.0 are vulnerable to Cross-Site Request Forgery due to missing CSRF protection at the `/go/api/config/backup` endpoint. An attacker can trick a victim into clicking on a malicious link which could change backup configurations or execute system commands in the post_backup_script field. • https://github.com/gocd/gocd/commit/7d0baab0d361c377af84994f95ba76c280048548 • CWE-352: Cross-Site Request Forgery (CSRF) •