CVE-2026-58370
Status: Received - Intake

Woodpecker CI Pipeline Approval Bypass via Git Commit Author Spoofing

Vulnerability report for CVE-2026-58370, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-06-30

Last updated on: 2026-06-30

Assigner: VulnCheck

Description

Woodpecker before 3.15.0 matches the ApprovalAllowedUsers bypass list against pipeline.Author. For the GitLab forge driver, pipeline.Author is populated from the git commit author name (commit.author.name) carried in the webhook payload, which is attacker-controlled and not verified by GitLab. A user who can open a merge request from a fork can set the commit author name to match an entry in ApprovalAllowedUsers, causing needsApproval to return false so the pipeline runs without the required approval. This defeats the fork-approval security boundary and allows execution of attacker-controlled pipeline steps on a Woodpecker agent and exfiltration of CI secrets exposed to the run. Other built-in forge drivers (Gitea, Forgejo, GitHub, Bitbucket) derive pipeline.Author from the forge-validated sender/actor identity and are not affected.


Affected Vendors & Products

Showing 2 associated CPEs

Vendor          Product       Version / Range
woodpecker      woodpecker    all versions before 3.15.0 (3.15.0 excluded)
woodpecker_ci   woodpecker    all versions before 3.15.0 (3.15.0 excluded)


Exploitability

CWE ID    Description
CWE-290   Authentication Bypass by Spoofing: this attack-focused weakness is caused by incorrectly implemented authentication schemes that are subject to spoofing attacks. Here the spoofed value is the free-form git commit author name, which Woodpecker's GitLab driver treated as if it were an authenticated user identity.

Executive Summary

CVE-2026-58370 is an authentication bypass (CWE-290) in Woodpecker CI versions before 3.15.0. It affects only repositories backed by the GitLab forge driver; no CVSS or EPSS score was available at the time this page was generated.

The vulnerability arises because Woodpecker matches the ApprovalAllowedUsers bypass list against pipeline.Author, which in the GitLab driver is populated from the git commit author name (commit.author.name) in the webhook payload. This commit author name is attacker-controlled and not verified by GitLab.

An attacker who can open a merge request from a fork can set the commit author name to match an entry in ApprovalAllowedUsers, causing the system to incorrectly determine that the pipeline does not need approval (needsApproval returns false).

This bypasses the fork-approval security boundary, allowing execution of attacker-controlled pipeline steps on a Woodpecker agent and potential exfiltration of CI secrets exposed to the run.

Other forge drivers such as Gitea, Forgejo, GitHub, and Bitbucket are not affected because they derive pipeline.Author from validated forge sender/actor identities.

Impact Analysis

This vulnerability can have severe impacts including unauthorized execution of attacker-controlled pipeline steps within your Woodpecker CI environment.

Because the attacker can bypass the approval gate by spoofing the commit author name, malicious code can run without the required approvals.

This can lead to exfiltration of CI secrets that are exposed to the pipeline run, potentially compromising sensitive credentials, tokens, or other confidential information.

Overall, it undermines the security boundary intended to protect your CI/CD process from untrusted code execution.

Detection Guidance

Before 3.15.0, a GitLab-triggered run stores the attacker's chosen commit author name in pipeline.Author, so Woodpecker's own pipeline metadata cannot tell a spoofed name from a real maintainer: both look like a run authored by an allow-listed user. Detection therefore needs a second identity source that GitLab does validate: the user.username field of the merge-request webhook payload (from Woodpecker server logs or a webhook archive), or the author of the merge request as recorded by GitLab itself.

For each GitLab-backed repository that has a non-empty ApprovalAllowedUsers list, review pipelines in which all of the following hold:

  • the run was triggered by a merge request from a fork (the source project differs from the target project);
  • pipeline.Author, which for GitLab is the commit author name, matches an entry in ApprovalAllowedUsers;
  • the GitLab account that opened or updated the merge request is not that user.

A match on all three indicates a run that skipped the approval gate. Also inspect the merge request's commits for author names or emails that do not belong to the account that pushed them, and treat every secret exposed to such a run as compromised until it has been rotated.
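The three-condition review above, applied to stored GitLab merge_request webhook payloads, as an added example in Go (Woodpecker's implementation language). This is not code from this page or from the Woodpecker project. It assumes you have the raw hook bodies; the JSON keys used (user.username, object_attributes.source_project_id, object_attributes.target_project_id, object_attributes.last_commit.author.name, object_attributes.iid) are GitLab's documented webhook fields, while the struct, the embedded payloads and the allow-list are constructed for the example.

```go
package main

import (
	"encoding/json"
	"fmt"
)

// gitlabMRHook holds the subset of GitLab's merge_request webhook payload
// needed for the check. JSON keys are GitLab's; the Go struct is this
// example's own, not a Woodpecker type.
type gitlabMRHook struct {
	ObjectKind string `json:"object_kind"`
	User       struct {
		Username string `json:"username"` // GitLab-validated sender identity
	} `json:"user"`
	ObjectAttributes struct {
		IID             int `json:"iid"`
		SourceProjectID int `json:"source_project_id"`
		TargetProjectID int `json:"target_project_id"`
		LastCommit      struct {
			ID     string `json:"id"`
			Author struct {
				Name string `json:"name"` // free-form git author name, attacker-controlled
			} `json:"author"`
		} `json:"last_commit"`
	} `json:"object_attributes"`
}

// Finding describes one hook that would have bypassed the approval gate
// under the pre-3.15.0 attribution.
type Finding struct {
	MergeRequest int
	Commit       string
	CommitAuthor string
	Sender       string
}

// ScanHooks flags merge_request hooks that (1) come from a fork, (2) carry a
// commit author name present in ApprovalAllowedUsers, and (3) were sent by a
// GitLab account that is not itself on the list. Hooks that fail to parse
// abort the scan so that a malformed archive is not silently skipped.
func ScanHooks(payloads []string, approvalAllowedUsers []string) ([]Finding, error) {
	allowed := make(map[string]bool, len(approvalAllowedUsers))
	for _, u := range approvalAllowedUsers {
		allowed[u] = true
	}
	var findings []Finding
	for i, raw := range payloads {
		var h gitlabMRHook
		if err := json.Unmarshal([]byte(raw), &h); err != nil {
			return nil, fmt.Errorf("payload %d: %w", i, err)
		}
		if h.ObjectKind != "merge_request" {
			continue
		}
		oa := h.ObjectAttributes
		fromFork := oa.SourceProjectID != oa.TargetProjectID
		authorName := oa.LastCommit.Author.Name
		if fromFork && allowed[authorName] && !allowed[h.User.Username] {
			findings = append(findings, Finding{
				MergeRequest: oa.IID,
				Commit:       oa.LastCommit.ID,
				CommitAuthor: authorName,
				Sender:       h.User.Username,
			})
		}
	}
	return findings, nil
}

// SamplePayloads are constructed hook bodies (not captured traffic), trimmed
// to the fields the check reads.
var SamplePayloads = []string{
	// Same-project MR by a maintainer: not from a fork, no gate involved.
	`{"object_kind":"merge_request","user":{"username":"maintainer"},
	  "object_attributes":{"iid":40,"source_project_id":7,"target_project_id":7,
	  "last_commit":{"id":"aaa111","author":{"name":"maintainer"}}}}`,
	// Fork MR opened by the maintainer themselves: legitimately allow-listed.
	`{"object_kind":"merge_request","user":{"username":"maintainer"},
	  "object_attributes":{"iid":41,"source_project_id":9,"target_project_id":7,
	  "last_commit":{"id":"bbb222","author":{"name":"maintainer"}}}}`,
	// Fork MR from an outside account whose commit claims the maintainer's name.
	`{"object_kind":"merge_request","user":{"username":"drive-by"},
	  "object_attributes":{"iid":42,"source_project_id":12,"target_project_id":7,
	  "last_commit":{"id":"ccc333","author":{"name":"maintainer"}}}}`,
}

// ApprovalAllowedUsers is a placeholder allow-list for the example.
var ApprovalAllowedUsers = []string{"maintainer"}

func main() {
	findings, err := ScanHooks(SamplePayloads, ApprovalAllowedUsers)
	if err != nil {
		panic(err)
	}
	for _, f := range findings {
		fmt.Printf("MR !%d commit %s: author name %q is allow-listed but the GitLab sender was %q\n",
			f.MergeRequest, f.Commit, f.CommitAuthor, f.Sender)
	}
}
```

Only the third sample is reported. The second is a real fork merge request from the allow-listed account, which the fixed 3.15.0 attribution would also let through, so it is not evidence of abuse; the comparison that matters is between the commit author name and the forge-validated sender, not the allow-list alone.
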

Mitigation Strategies

The primary mitigation is to upgrade Woodpecker to version 3.15.0 or later, where the pipeline author attribution for GitLab is changed to use the GitLab username (hook.User.Username) instead of the commit author name, which is attacker-controlled.

This change ensures that the pipeline.Author field is derived from a validated GitLab user identity rather than the untrusted commit author name, preventing the approval bypass.
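The author attribution described in the Description and the change described in this section, side by side, as an added illustration in Go (Woodpecker's implementation language). This is not Woodpecker's code: the hook and pipeline types, the single "fork pipelines need approval unless the author is allow-listed" policy in NeedsApproval, and the sample hook are this example's own simplifications; the field names quoted in comments (pipeline.Author, commit.author.name, hook.User.Username, ApprovalAllowedUsers) are the ones the advisory uses.

```go
package main

import "fmt"

// mrHook is a reduced view of a GitLab merge-request webhook. The sender
// username is verified by GitLab; the commit author name is whatever the
// committer wrote in the git metadata. Illustrative type, not Woodpecker's.
type mrHook struct {
	SenderUsername   string // hook.User.Username (forge-validated)
	CommitAuthorName string // commit.author.name (free-form)
	SourceProjectID  int
	TargetProjectID  int
}

// Pipeline carries the two fields the approval gate looks at.
type Pipeline struct {
	Author   string // pipeline.Author
	FromFork bool
}

func fromFork(h mrHook) bool { return h.SourceProjectID != h.TargetProjectID }

// AttributeVulnerable models the pre-3.15.0 GitLab driver: the pipeline
// author is the unverified commit author name.
func AttributeVulnerable(h mrHook) Pipeline {
	return Pipeline{Author: h.CommitAuthorName, FromFork: fromFork(h)}
}

// AttributeFixed models the 3.15.0 change: the pipeline author is the
// GitLab username of the user who sent the hook.
func AttributeFixed(h mrHook) Pipeline {
	return Pipeline{Author: h.SenderUsername, FromFork: fromFork(h)}
}

// NeedsApproval is an assumed, reduced form of the gate: runs from forks
// need approval unless the author is in ApprovalAllowedUsers. The real
// Woodpecker check has more configuration modes than this.
func NeedsApproval(p Pipeline, approvalAllowedUsers []string) bool {
	if !p.FromFork {
		return false
	}
	for _, u := range approvalAllowedUsers {
		if u == p.Author {
			return false
		}
	}
	return true
}

// SpoofedForkHook is a constructed hook: an outside account opens a merge
// request from a fork with a commit whose author name copies an allow-listed
// username.
func SpoofedForkHook() mrHook {
	return mrHook{
		SenderUsername:   "drive-by",
		CommitAuthorName: "maintainer",
		SourceProjectID:  12,
		TargetProjectID:  7,
	}
}

// ApprovalAllowedUsers is a placeholder allow-list for the example.
var ApprovalAllowedUsers = []string{"maintainer"}

func main() {
	h := SpoofedForkHook()
	fmt.Println("needs approval (before 3.15.0):", NeedsApproval(AttributeVulnerable(h), ApprovalAllowedUsers)) // false: gate bypassed
	fmt.Println("needs approval (3.15.0+):      ", NeedsApproval(AttributeFixed(h), ApprovalAllowedUsers))      // true
}
```

The gate logic is identical in both paths; what changes is which identity reaches it. Any allow-list keyed on a forge identity is only as strong as the guarantee that the field it compares against was set by the forge and not by the person who made the commit.
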

Until you can upgrade, restrict or audit merge requests from forks and review the ApprovalAllowedUsers list on GitLab-backed repositories. Because the bypass works only by matching an entry in that list, emptying it for affected repositories (so that every fork pipeline waits for manual approval) removes the spoofing target entirely; this is a workaround inferred from the described mechanism, not a vendor-documented setting.
