GoCD has eliminated the risk of verifying the highly critical authentication vulnerability in its GoCD CI / CD tool. GoCD is an open source tool for Continuous Integration and Continuous Delivery (CI / CD) system used by software developers and organizations to automate software delivery.
In addition, the Business Continuity feature has also been temporarily disabled as part of the changes. GoCD said in the advisory that “This release has important security fixes and upgrades to lots of internal components. We recommend all users to upgrade to this version to safeguard your GoCD server”.
Scannell explained that being at risk of “critical” verification may allow an unauthorized attacker to view very sensitive data and read conflicting files on the GoCD server.
Read More: securezoo
For more such updates follow us on Google News ITsecuritywire News