Skip to main content

Worker

2 CVEs product

Monthly

CVE-2024-28236 Go MEDIUM PATCH This Month

Vela is a Pipeline Automation (CI/CD) framework built on Linux container technology written in Golang. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Docker Worker
NVD GitHub
CVSS 3.1
6.5
EPSS
0.7%
CVE-2022-39395 Go CRITICAL PATCH Act Now

Vela is a Pipeline Automation (CI/CD) framework built on Linux container technology written in Golang. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Privilege Escalation Server Ui Worker
NVD GitHub
CVSS 3.1
9.9
EPSS
1.1%
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Vela is a Pipeline Automation (CI/CD) framework built on Linux container technology written in Golang. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Docker Worker
NVD GitHub
EPSS 1% CVSS 9.9
CRITICAL PATCH Act Now

Vela is a Pipeline Automation (CI/CD) framework built on Linux container technology written in Golang. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Privilege Escalation Server Ui +1
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy