Affected by GO-2024-2998
and 1 other vulnerabilities
GO-2024-2998: Woodpecker's custom environment variables allow to alter execution flow of plugins in go.woodpecker-ci.org/woodpecker
GO-2024-2999: Woodpecker's custom workspace allow to overwrite plugin entrypoint executable in go.woodpecker-ci.org/woodpecker
The highest tagged major version is
v2.