Original release date: October 29, 2021
GoCD has released a security update to address a critical authentication vulnerability in GoCD versions 20.6.0 through 21.2.0. GoCD is an open-source Continuous Integration and Continuous Delivery system. A remote attacker could exploit this vulnerability to obtain sensitive information.
CISA encourages users and administrators to update to GoCD 21.3.0 or apply the necessary workarounds.
For more information, see Agent 007: Pre-Auth Takeover of Build Pipelines in GoCD.
This product is provided subject to this Notification and this Privacy & Use policy.
CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on…
CISA has added seven new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on…
CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on…
CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on…
CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-3502 TrueConf Client…
CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on…
This website uses cookies.