Home

Description

Insecure permissions in pipecd v0.49 allow attackers to gain access to the service account's token, leading to escalation of privileges.

PUBLISHED Reserved 2024-11-20 | Published 2025-03-21 | Updated 2025-03-24 | Assigner mitre

References

github.com/pipe-cd/pipecd

pipecd.dev/

gist.github.com/HouqiyuA/948a808b8bd48b17b37a4d5e0b6fb005

cve.org (CVE-2024-53351)

nvd.nist.gov (CVE-2024-53351)

Download JSON