Show filters
2 Total Results
Displaying 1-2 of 2
Sort by:
Attacker Value
Very High
Please see https://blog.sonarsource.com/gocd-pre-auth-pipeline-takeover.
3
Attacker Value
Unknown

CVE-2021-43287

Disclosure Date: April 14, 2022 (last updated December 06, 2023)
An issue was discovered in ThoughtWorks GoCD before 21.3.0. The business continuity add-on, which is enabled by default, leaks all secrets known to the GoCD server to unauthenticated attackers.