Vulnerabilities > Pivotal Software > Concourse > 5.5.11
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-08-12 | CVE-2020-5415 | Authentication Bypass by Spoofing vulnerability in Pivotal Software Concourse Concourse, versions prior to 6.3.1 and 6.4.1, in installations which use the GitLab auth connector, is vulnerable to identity spoofing by way of configuring a GitLab account with the same full name as another user who is granted access to a Concourse team. | 10.0 |
2018-03-13 | CVE-2018-1227 | Unspecified vulnerability in Pivotal Software Concourse Pivotal Concourse after 2018-03-05 might allow remote attackers to have an unspecified impact, if a customer obtained the Concourse software from a DNS domain that is no longer controlled by Pivotal. | 7.5 |