Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
AutomataCI Release Job Can Revert Repo to First Commit
Vulnerability Description
AutomataCI is a template git repository equipped with a native built-in semi-autonomous CI tools. An issue in versions 1.4.1 and below can let a release job reset the git root repository to the first commit. Version 1.5.0 has a patch for this issue. As a workaround, make sure the `PROJECT_PATH_RELEASE` (e.g. `releases/`) directory is manually and actually `git cloned` properly, making it a different git repostiory from the root git repository.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:H
Vulnerability Type
输入验证不恰当
Vulnerability Title
AutomataCI 输入验证错误漏洞
Vulnerability Description
AutomataCI是HollowayKeanHo个人开发者的一个模板 git 存储库。 AutomataCI 1.4.1及之前版本存在输入验证错误漏洞,该漏洞源于允许release job功能将git根存储库重置。
CVSS Information
N/A
Vulnerability Type
N/A