Security: concourse/concourse
Security Advisories
View information about security vulnerabilities from this repository's maintainers.
-
Team scope authorization bypass when Post/Put request with :team_name in body, allows HTTP parameter pollutionGHSA-5jp2-vwrj-99rf published
Oct 19, 2022 by rui42Moderate severity -
GitLab auth uses full name instead of username as user ID, allowing impersonationGHSA-627p-rr78-99rj published
Aug 11, 2020 by vitoCritical severity