Impact
The server allow to create any user who can trigger a pipeline run malicious workflows:
- Those workflows can either lead to a host takeover that runs the agent executing the workflow.
- Or allow to extract the secrets who would be normally provided to the plugins who's entrypoint are overwritten.
Patches
#3909
#3934
Workarounds
Is there a way for users to fix or remediate the vulnerability without upgrading?
Enable the "gated" repo feature and review each change upfront of running
References
Credits
- Daniel Kilimnik @D_K_Dev (Neodyme AG)
- Felipe Custodio Romero @localo (Neodyme AG)
Impact
The server allow to create any user who can trigger a pipeline run malicious workflows:
Patches
#3909
#3934
Workarounds
Is there a way for users to fix or remediate the vulnerability without upgrading?
Enable the "gated" repo feature and review each change upfront of running
References
Credits