Lucene search

K
osvGoogleOSV:GHSA-H563-XH25-X54Q
HistoryAug 09, 2021 - 8:37 p.m.

Workflow re-write vulnerability using input parameter

2021-08-0920:37:50
Google
osv.dev
7

EPSS

0.001

Percentile

39.3%

Impact

  • Allow end-users to set input parameters, but otherwise expect workflows to be secure.

Patches

Not yet.

Workarounds

  • Set EXPRESSION_TEMPLATES=false for the workflow controller

References

For more information

If you have any questions or comments about this advisory:

EPSS

0.001

Percentile

39.3%

Related for OSV:GHSA-H563-XH25-X54Q