GoCD Agent

by ThoughtWorks, Inc.v21.2.0-12498

Last updated Jun 8, 2026

FREE & OPEN SOURCE CI/CD SERVER Easily model and visualize complex workflows with GoCD.

Install with winget

$ winget install --id GoCD.Agent --exact --version 21.2.0-12498

Run in Command Prompt, PowerShell, or Windows Terminal. Prompts for any agreements.

Silent install command for GoCD Agent

GoCD Agent uses EXE (NSIS). The silent install switches are /S.

One-line silent install (x64, machine scope)

go-agent-21.2.0-12498-jre-64bit-setup.exe /S

See the full silent install reference for GoCD Agent →

Built by Pckgr

For Intune admins

Stop chasing app updates. Pckgr patches them for you.

Automated application patching for Microsoft Intune. Pckgr keeps a curated library of 1,000+ apps continuously up-to-date in your tenant via Microsoft Graph - no manual repackaging, no chasing vendor sites.

Start free 30-day trial

No credit card required.

Installers · v21.2.0-12498

Architecture	Type	Scope	Install	Download
x64	EXE NSIS	machine		Direct

Copy a command tailored to that specific architecture, type, and scope - useful when winget would otherwise pick a different default.

Security

23 known CVEs via NVD

high7.1Fix in v24.5.0CVE-2024-56324affects before 24.5.0Jan 3, 2025
GoCD is a continuous deliver server. GoCD versions prior to 24.4.0 can allow GoCD "group admins" to abuse ability to edit the raw XML configuration for groups they administer to trigger XML External Entity (XXE) injection on the GoCD server. Theoretically, the XXE vulnerability...
Patch Vendor advisory
high7.2Fix in v24.5.0CVE-2024-56322affects before 24.5.0Jan 3, 2025
GoCD is a continuous deliver server. GoCD versions 16.7.0 through 24.4.0 (inclusive) can allow GoCD admins to abuse a hidden/unused configuration repository (pipelines as code) feature to allow XML External Entity (XXE) injection on the GoCD Server which will be executed when Go...
Patch Vendor advisory
low3.8Fix in v24.5.0CVE-2024-56321affects before 24.5.0Jan 3, 2025
GoCD is a continuous deliver server. GoCD versions 18.9.0 through 24.4.0 (inclusive) can allow GoCD admins to abuse the backup configuration "post-backup script" feature to potentially execute arbitrary scripts on the hosting server or container as GoCD's user, rather than pre-c...
Patch Vendor advisory
high8.8Fix in v24.5.0CVE-2024-56320affects before 24.5.0Jan 3, 2025
GoCD is a continuous deliver server. GoCD versions prior to 24.5.0 are vulnerable to admin privilege escalation due to improper authorization of access to the admin "Configuration XML" UI feature, and its associated API. A malicious insider/existing authenticated GoCD user with...
Patch Vendor advisory
low3.1Fix in v24.1.0CVE-2024-28866affects before 24.1.0May 14, 2024
GoCD is a continuous delivery server. GoCD versions from 19.4.0 to 23.5.0 (inclusive) are potentially vulnerable to a reflected cross-site scripting vulnerability on the loading page displayed while GoCD is starting, via abuse of a `redirect_to` query parameter with inadequate v...
Patch Vendor advisory
medium4.2Fix in v23.1.0CVE-2023-28630affects before 23.1.0Mar 27, 2023
GoCD is an open source continuous delivery server. In GoCD versions from 20.5.0 and below 23.1.0, if the server environment is not correctly configured by administrators to provide access to the relevant PostgreSQL or MySQL backup tools, the credentials for database access may b...
Patch Vendor advisory
medium5.4Fix in v23.1.0CVE-2023-28629affects before 23.1.0Mar 27, 2023
GoCD is an open source continuous delivery server. GoCD versions before 23.1.0 are vulnerable to a stored XSS vulnerability, where pipeline configuration with a malicious pipeline label configuration can affect browser display of pipeline runs generated from that configuration....
Patch Vendor advisory
critical9.1Patched in wingetCVE-2022-39311affects before 21.1.0Oct 14, 2022
GoCD is a continuous delivery server. GoCD helps you automate and streamline the build-test-release cycle for continuous delivery of your product. GoCD versions prior to 21.1.0 are vulnerable to remote code execution on the server from a malicious or compromised agent. The Sprin...
Patch Vendor advisory

Showing 8 of 23. Source: NVD, updated 4h ago. Patch status is best-effort: NVD's fix version is compared against the latest version in winget, but the two version formats don't always align. Confirm with the vendor advisory before treating any specific build as safe.

See a CVE that affects your fleet? Push the patched version to Intune in one click with Pckgr - automated patching is the only way to keep up.

Related apps

GoCD ServerThoughtWorks, Inc.
GoCD.Serverv21.2.0-12498
FREE & OPEN SOURCE CI/CD SERVER Easily model and visualize complex workflows with GoCD.
O
Ollama (Portable)Ollama
Ollama.Ollama.Portablev0.20.2
Start building with open models.
RcloneRclone
Rclone.Rclonev1.74.3
Rclone ("rsync for cloud storage") is a command-line program to sync files and directories to and from different cloud storage providers.
M
mediamtxbluenviron
bluenviron.mediamtxv1.19.1
Ready-to-use SRT / WebRTC / RTSP / RTMP / LL-HLS media server and media proxy that allows to read, publish, proxy, record and playback video and audio streams.
A
Active@ Data BurnerLSoft Technologies Inc
LSoftTechnologies.ActiveDataBurnerv25.0.1
Burn CD, DVD and Blu-ray discs with ease
Ikemen GOIkemen GO
IkemenGO.IkemenGOv0.99.0
Ikemen GO is an open source fighting game engine that supports resources from the M.U.G.E.N engine, written in Google’s programming language, Go. It is a complete rewrite of a prior engine known simply as Ikemen.

More from ThoughtWorks, Inc. or browse cd, ci, go.

Frequently asked questions

How do I install GoCD Agent on Windows?

Open Windows Terminal, PowerShell, or Command Prompt and run: winget install --id GoCD.Agent --exact --version 21.2.0-12498. winget downloads the installer from ThoughtWorks, Inc. and runs it. Requires Windows 10 (1809+) or Windows 11.

How do I install GoCD Agent silently for unattended deployment?

Add --silent and accept the agreements upfront: winget install --id GoCD.Agent --exact 21.2.0-12498 --silent --accept-package-agreements --accept-source-agreements. This is the variant Intune, Configuration Manager, and other deployment tools should use.

What are the silent install switches for GoCD Agent?

GoCD Agent uses EXE (NSIS). Run the downloaded installer with: go-agent-21.2.0-12498-jre-64bit-setup.exe /S. The silent switches are /S.

How do I uninstall GoCD Agent via winget?

Run: winget uninstall --id GoCD.Agent --exact. Add --silent for unattended uninstalls. winget will use the registered uninstaller from GoCD Agent's Apps & Features entry.

Is GoCD Agent free?

GoCD Agent is distributed under Apache License 2.0. Refer to the publisher (https://www.gocd.org/why-gocd/) for the full license terms - Wingetly itself does not charge for installation.

Does GoCD Agent work on Windows 10?

Yes, as long as your Windows 10 build supports winget (1809 or newer). winget ships with App Installer on Windows 10/11 and pulls GoCD Agent directly from the publisher.

How do I keep GoCD Agent up to date?

Run winget upgrade --id GoCD.Agent --exact, or winget upgrade --all to update everything winget tracks. We index 2 versions of GoCD Agent from microsoft/winget-pkgs.

Recent versions

21.2.0-12498latest
21.1.0