Github.com/concourse/concourse
This hub aggregates every CVE we track for Github.com/concourse/concourse, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.
4
CVEs tracked
1
Critical
1
High
0
In CISA KEV
Severity distribution
MEDIUM2HIGH1CRITICAL1
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 4 most recently published vulnerabilities affecting Github.com/concourse/concourse.
- CVE-2022-31683Concourse (7.x.y prior to 7.8.3 and 6.x.y prior to 6.7.9) contains an authorization bypass issue. A Concourse user can send a request with body including :team_name=team2 to bypass team scope check...5.4
- CVE-2020-5415Concourse's GitLab auth allows impersonation10.0
- CVE-2019-3792Concourse 5.0.0 SQL Injection vulnerability6.8
- CVE-2018-15798Pivotal Concourse allows malicious redirect urls on login7.6
Product normalization is registry-driven with AI assist and human review. How it works