Buildkite

buildkite

2 CVEs • 1 product

Products (1)

Click to collapse

Toggle

Elastic Ci Stack

elastic_ci_stack

2 CVEs

CVEs (2)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-43741 1Buildkite 1Elastic Ci Stack Nov 21, 2024 Dec 22, 2023 N/A· v4 7.0 HIGH· v3 N/A· v2 A time-of-check-time-of-use race condition vulnerability in Buildkite Elastic CI for AWS versions prior to 6.7.1 and 5.22.5 allows the buildkite-agent user to bypass a symbolic link check for the PIPELINE_PATH variable i...Show more A time-of-check-time-of-use race condition vulnerability in Buildkite Elastic CI for AWS versions prior to 6.7.1 and 5.22.5 allows the buildkite-agent user to bypass a symbolic link check for the PIPELINE_PATH variable in the fix-buildkite-agent-builds-permissions script.Show less
CVE-2023-43116 1Buildkite 1Elastic Ci Stack Nov 21, 2024 Dec 22, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 A symbolic link following vulnerability in Buildkite Elastic CI for AWS versions prior to 6.7.1 and 5.22.5 allows the buildkite-agent user to change ownership of arbitrary directories via the PIPELINE_PATH variable in th...Show more A symbolic link following vulnerability in Buildkite Elastic CI for AWS versions prior to 6.7.1 and 5.22.5 allows the buildkite-agent user to change ownership of arbitrary directories via the PIPELINE_PATH variable in the fix-buildkite-agent-builds-permissions script.Show less

CVE

VENDORS

PRODUCTS

UPDATED

PUBLISHED

CVSS

CVE-2023-43741

1Buildkite

1Elastic Ci Stack

Nov 21, 2024

Dec 22, 2023

N/A· v4

7.0 HIGH· v3

N/A· v2

A time-of-check-time-of-use race condition vulnerability in Buildkite Elastic CI for AWS versions prior to 6.7.1 and 5.22.5 allows the buildkite-agent user to bypass a symbolic link check for the PIPELINE_PATH variable i...Show more

CVE-2023-43116