Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
buildkite elastic ci stack vulnerabilities and exploits
(subscribe to this query)
7
CVSSv3
CVE-2023-43741
A time-of-check-time-of-use race condition vulnerability in Buildkite Elastic CI for AWS versions before 6.7.1 and 5.22.5 allows the buildkite-agent user to bypass a symbolic link check for the PIPELINE_PATH variable in the fix-buildkite-agent-builds-permissions script.
Buildkite Elastic Ci Stack
7.8
CVSSv3
CVE-2023-43116
A symbolic link following vulnerability in Buildkite Elastic CI for AWS versions before 6.7.1 and 5.22.5 allows the buildkite-agent user to change ownership of arbitrary directories via the PIPELINE_PATH variable in the fix-buildkite-agent-builds-permissions script.
Buildkite Elastic Ci Stack
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started