CVE-2024-53351 Information

Description

Insecure permissions in pipecd v0.49 allow attackers to gain access to the service account’s token leading to escalation of privileges.

Reference

https://gist.github.com/HouqiyuA/948a808b8bd48b17b37a4d5e0b6fb005 https://github.com/pipe-cd/pipecd https://pipecd.dev/