Vulnerability in Gocd
CVE-2022-39308
GoCD is a continuous delivery server. GoCD helps you automate and streamline the build-test-release cycle for continuous delivery of your product. GoCD versions from 19.2.0 to 19.10.0 (inclusive) are subject to a timing attack in validatio…
EPSS: 0.004 (61.4th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 6.5 (Medium). Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N.
Affected products
- Gocd — versions >= 19.2.0, < 19.11.0
Weakness classification (CWE)
References
Frequently asked questions
- What is CVE-2022-39308?
- CVE-2022-39308 is a medium-severity vulnerability in Gocd, classified under CWE-208. CVSS score: 6.5/10. Published 2022-10-14.
- How severe is CVE-2022-39308?
- Medium severity. CVSS v3 base score is 6.5 out of 10.