Woodpecker-ci Woodpecker — known CVE vulnerabilities
Every CVE whose affected-product data names Woodpecker-ci Woodpecker, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2024-41121 — CVSS 8.8 (high): Woodpecker is a simple yet powerful CI/CD engine with great extensibility. The server allow to create any user who can trigger a pipeline…
CVE-2023-40034 — CVSS 8.1 (high): Woodpecker is a community fork of the Drone CI system. In affected versions an attacker can post malformed webhook data witch lead to an…
CVE-2024-41122 — CVSS 7.5 (high): Woodpecker is a simple yet powerful CI/CD engine with great extensibility. The server allow to create any user who can trigger a pipeline…
CVE-2022-29947 — CVSS 6.1 (medium): Woodpecker before 0.15.1 allows XSS via build logs because web/src/components/repo/build/BuildLog.vue lacks escaping.