Vulnerability Details CVE-2023-42798
AutomataCI is a template git repository equipped with a native built-in semi-autonomous CI tools. An issue in versions 1.4.1 and below can let a release job reset the git root repository to the first commit. Version 1.5.0 has a patch for this issue. As a workaround, make sure the `PROJECT_PATH_RELEASE` (e.g. `releases/`) directory is manually and actually `git cloned` properly, making it a different git repostiory from the root git repository.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 29.7%
CVSS Severity
CVSS v3 Score 8.2
References
Products affected by CVE-2023-42798
-
cpe:2.3:a:hollowaykeanho:automataci:-
-
cpe:2.3:a:hollowaykeanho:automataci:1.3.0
-
cpe:2.3:a:hollowaykeanho:automataci:1.3.1
-
cpe:2.3:a:hollowaykeanho:automataci:1.4.0
-
cpe:2.3:a:hollowaykeanho:automataci:1.4.1