Anbraten

#31388 of 53,635
8.1 Total CVSS
Vulnerabilities · 1
PT-2023-27227
8.1
2023-08-16
Unknown · Woodpecker · CVE-2023-40034
**Name of the Vulnerable Software and Affected Versions**

Woodpecker versions prior to 1.0.2

**Description**

An attacker can post malformed webhook data which leads to an update of the repository data, potentially allowing the takeover of a repository. This issue is critical if the CI is configured for public usage and connected to a forge that is also in public usage.

**Recommendations**

For versions prior to 1.0.2, upgrade to version 1.0.2 or later. For users unable to upgrade, secure the CI system by making it inaccessible to untrusted entities, for example, by placing it behind a firewall.