CVE-2023-43741 | Buildkite Elastic CI for AWS up to 5.22.4/6.7.0 PIPELINE_PATH toctou (ATREDIS-2023-0003)

Posted by Angelo Barbosa | Dec 22, 2023 | CVE

A vulnerability classified as problematic was found in Buildkite Elastic CI for AWS up to 5.22.4/6.7.0. Affected by this vulnerability is an unknown functionality. The manipulation of the argument PIPELINE_PATH leads to time-of-check time-of-use.

This vulnerability is known as CVE-2023-43741. The attack can only be done within the local network. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2023-43741 | Buildkite Elastic CI for AWS up to 5.22.4/6.7.0 PIPELINE_PATH toctou (ATREDIS-2023-0003)

Related Posts

CVE-2024-42680 | Super Easy Enterprise Management System up to 1.0.0 Single Quotation Mark path traversal

CVE-2024-23946 | Apache OFBiz createRegister information exposure

CVE-2024-0614 | Events Manager Plugin up to 6.4.6.4 on WordPress Setting cross site scripting

CVE-2024-28053 | Mattermost up to 8.1.9/9.4.x Email resource consumption