CVE-2021-43289

Published April 14th, 2022

View on NVD ↗

CVSS v3

7.5

HIGH

CVSS v2

MEDIUM

Affected

PROJECT

Description

An issue was discovered in ThoughtWorks GoCD before 21.3.0. An attacker who has compromised a GoCD agent can upload a malicious file into an arbitrary directory of a GoCD server, but does not control the filename.

gocd/gocd

GoCD - Continuous Delivery server main repository

GitHub

7.4K