CVE-2021-43286

An issue was discovered in ThoughtWorks GoCD before 21.3.0. An attacker with privileges to create a new pipeline on a GoCD server can abuse a command-line injection in the Git URL "Test Connection" feature to execute arbitrary code.
References
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:thoughtworks:gocd:*:*:*:*:*:*:*:*

Information

Published : 2022-04-14 06:15

Updated : 2022-04-21 13:39


NVD link : CVE-2021-43286

Mitre link : CVE-2021-43286


JSON object : View

CWE
CWE-77

Improper Neutralization of Special Elements used in a Command ('Command Injection')

Advertisement

dedicated server usa

Products Affected

thoughtworks

  • gocd