Description
Woodpecker before 3.15.0 matches the ApprovalAllowedUsers bypass list against pipeline.Author. For the GitLab forge driver, pipeline.Author is populated from the git commit author name (commit.author.name) carried in the webhook payload, which is attacker-controlled and not verified by GitLab. A user who can open a merge request from a fork can set the commit author name to match an entry in ApprovalAllowedUsers, causing needsApproval to return false so the pipeline runs without the required approval. This defeats the fork-approval security boundary and allows execution of attacker-controlled pipeline steps on a Woodpecker agent and exfiltration of CI secrets exposed to the run. Other built-in forge drivers (Gitea, Forgejo, GitHub, Bitbucket) derive pipeline.Author from the forge-validated sender/actor identity and are not affected.
Published: 2026-06-30
Score: 9.2 Critical
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

Woodpecker versions before 3.15.0 compare the pipeline author against a list of approved users. For the GitLab forge driver, the pipeline author field is set from the commit author name in the webhook payload, which attackers can control. An attacker who can open a merge request from a fork can set the commit author name to match an entry in the approval list, causing the approval check to succeed and the pipeline to run without the required approval. This results in execution of attacker-controlled pipeline steps on a Woodpecker agent, including possible exfiltration of CI secrets. The weakness is a classic authorization bypass (CWE-290).
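The author check described in the Description and in the paragraph above, modelled as an added Go example (not Woodpecker's own code): a simplified needsApproval gate fed by a driver that copies commit.author.name into pipeline.Author, beside a corrected driver that uses the forge-validated sender. Apart from needsApproval, pipeline.Author and ApprovalAllowedUsers, the struct and function names are hypothetical.

```go
package main

import "fmt"

// Hypothetical, simplified model of the fields involved; names are illustrative, not Woodpecker's real types.
type WebhookPayload struct {
	FromFork         bool
	CommitAuthorName string // commit.author.name: set by whoever made the commit, not verified by GitLab
	SenderUsername   string // authenticated GitLab user who triggered the event
}
type Pipeline struct {
	Author   string
	FromFork bool
}
type RepoSettings struct {
	ApprovalAllowedUsers []string
}

// Pre-3.15.0 driver behaviour: pipeline.Author is copied from the payload's commit author name.
func pipelineFromGitLabVulnerable(p WebhookPayload) Pipeline {
	return Pipeline{Author: p.CommitAuthorName, FromFork: p.FromFork}
}

// Corrected behaviour: pipeline.Author comes from the forge-validated sender identity,
// as the Gitea, Forgejo, GitHub and Bitbucket drivers already do.
func pipelineFromGitLabFixed(p WebhookPayload) Pipeline {
	return Pipeline{Author: p.SenderUsername, FromFork: p.FromFork}
}

// needsApproval is the gate: a pipeline from a fork skips approval only if
// pipeline.Author is on the ApprovalAllowedUsers bypass list.
func needsApproval(pl Pipeline, s RepoSettings) bool {
	if !pl.FromFork {
		return false
	}
	for _, u := range s.ApprovalAllowedUsers {
		if u == pl.Author {
			return false
		}
	}
	return true
}

func main() {
	settings := RepoSettings{ApprovalAllowedUsers: []string{"maintainer"}}
	// Constructed payload: fork MR whose commit author name matches a maintainer but whose sender is someone else.
	forged := WebhookPayload{FromFork: true, CommitAuthorName: "maintainer", SenderUsername: "outside-user"}
	fmt.Println("vulnerable driver, needs approval:", needsApproval(pipelineFromGitLabVulnerable(forged), settings)) // false
	fmt.Println("fixed driver, needs approval:", needsApproval(pipelineFromGitLabFixed(forged), settings))           // true
}
```

The same gate gives opposite answers for the same payload, which is why the fix belongs in the driver's choice of identity source, not in the gate itself.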

Affected Systems

Manufacturer: Woodpecker-CI; product: Woodpecker; affected versions: any release prior to 3.15.0. Other forge drivers (Gitea, Forgejo, GitHub, and Bitbucket) derive the author from a forge-validated identity and are not affected.

Risk and Exploitability

The vulnerability has a high CVSS score of 9.2, indicating a severe security impact. No EPSS data is available and the issue is not listed in the CISA KEV catalog, but exploitation remains feasible through the GitLab webhook mechanism. The likely attack vector is a merge request from a fork in which the attacker supplies a forged commit author name. Successful exploitation results in unauthorized pipeline execution and access to any secrets supplied to the run.

Generated by OpenCVE AI on June 30, 2026 at 17:23 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade to Woodpecker v3.15.0 or later, which fixes the author comparison logic
  • If an upgrade is not immediately possible, restrict or block merge requests from forked repositories in GitLab until the upgrade is applied
  • Actively monitor pipeline executions for unexpected or unapproved runs and audit CI secrets usage for leakage

Advisories

No advisories yet.

History

Tue, 30 Jun 2026 18:30:00 +0000

Type: Metrics
Values Removed: -
Values Added: ssvc {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Tue, 30 Jun 2026 16:45:00 +0000

Type: Description
Values Removed: -
Values Added: the Description text shown at the top of this page

Type: Title
Values Removed: -
Values Added: Woodpecker < 3.15.0 - GitLab Approval Gate Bypass via Spoofable Commit Author Name

Type: First Time appeared
Values Removed: -
Values Added: Woodpecker-ci; Woodpecker-ci woodpecker

Type: Weaknesses
Values Removed: -
Values Added: CWE-290

Type: CPEs
Values Removed: -
Values Added: cpe:2.3:a:woodpecker-ci:woodpecker:*:*:*:*:*:*:*:*

Type: Vendors & Products
Values Removed: -
Values Added: Woodpecker-ci; Woodpecker-ci woodpecker

Type: References
Values Removed: -
Values Added: -

Type: Metrics
Values Removed: -
Values Added: cvssV3_1 {'score': 8.1, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H'}; cvssV4_0 {'score': 9.2, 'vector': 'CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}


MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-06-30T17:13:07.424Z

Reserved: 2026-06-30T12:15:07.392Z

Link: CVE-2026-58370

Vulnrichment

Updated: 2026-06-30T17:06:57.043Z

NVD

No data.

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-30T21:00:13Z

Weaknesses
  • CWE-290: Authentication Bypass by Spoofing