Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A symbolic link following vulnerability in Buildkite Elastic CI for AWS versions prior to 6.7.1 and 5.22.5 allows the buildkite-agent user to change ownership of arbitrary directories via the PIPELINE_PATH variable in the fix-buildkite-agent-builds-permissions script.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Buildkite Elastic CI Stack for AWS 安全漏洞
Vulnerability Description
Buildkite Elastic CI Stack for AWS是Buildkite公司的一个应用软件,可以提供私有、自动扩展的 Buildkite Agent集群。 Buildkite Elastic CI Stack for AWS 6.7.1之前版本、5.22.5 之前版本存在安全漏洞,该漏洞源于符号链接允许 buildkite-agent 用户通过 fix-buildkite-agent-builds-permissions 脚本中的 PIPELINE_PATH 变量更改任意目录的所有权。
CVSS Information
N/A
Vulnerability Type
N/A