PRION:CVE-2023-27581
Source: PRIOn knowledge base (www.prio-n.com)
Published: Mar 13, 2023 - 9:15 p.m.
Type: Design/Logic Flaw
Tags: github, action, vulnerability, security, exfiltration, patched

AI Score: 8.8 High (Confidence: High)
EPSS: 0.001 Low (Percentile: 45.3%)

github-slug-action is a GitHub Action that exposes slug values of GitHub environment variables inside a GitHub workflow. Starting in version 4.0.0 and prior to version 4.4.1, this action uses the `github.head_ref` parameter in an insecure way. The vulnerability can be triggered by any GitHub user against any workflow that runs the action on pull requests: the attacker only needs to open a pull request whose branch name carries the payload. This can be used to execute code on the GitHub runners and to exfiltrate any secrets used in the CI pipeline. A patched action is available in version 4.4.1. No workaround is available.
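Because the record offers no workaround beyond upgrading, a defender's first step is finding every workflow that pins an affected version. The checker below is an added example, not part of the PRIOn record or the action's own code: it scans workflow text for `uses:` lines referencing github-slug-action and classifies each pinned ref against the advisory's range (4.0.0 <= version < 4.4.1); the owner `OWNER` and the workflow text are constructed placeholders.

```python
import re
from typing import Optional, Tuple

# Affected range taken from the advisory: 4.0.0 <= version < 4.4.1.
AFFECTED_MIN = (4, 0, 0)
FIXED_IN = (4, 4, 1)

# Matches "uses: <owner>/github-slug-action@<ref>" for any owner.
USES_RE = re.compile(r"uses:\s*['\"]?[\w.-]+/github-slug-action@([^\s'\"#]+)")
SEMVER_RE = re.compile(r"^v?(\d+)\.(\d+)\.(\d+)$")

# Constructed sample workflow; OWNER is a placeholder, not the real publisher.
SAMPLE_WORKFLOW = """\
name: build
on: [pull_request]
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: OWNER/github-slug-action@v4.3.0   # pinned inside affected range
      - uses: OWNER/github-slug-action@v4.4.1   # pinned to the patched release
      - uses: OWNER/github-slug-action@v4       # floating major tag
"""


def parse_semver(ref: str) -> Optional[Tuple[int, ...]]:
    """Return (major, minor, patch) for a full tag such as v4.4.0, else None."""
    m = SEMVER_RE.match(ref)
    return tuple(int(x) for x in m.groups()) if m else None


def classify_ref(ref: str) -> str:
    """Classify one pinned ref: affected, not-affected, review, or unknown."""
    ver = parse_semver(ref)
    if ver is not None:
        return "affected" if AFFECTED_MIN <= ver < FIXED_IN else "not-affected"
    if re.fullmatch(r"[0-9a-f]{40}", ref):
        return "review"  # commit SHA: must be resolved against the repo's tags
    if re.fullmatch(r"v?\d+(\.\d+)?", ref):
        return "review"  # floating tag (v4, v4.4): resolves to whatever is latest
    return "unknown"


def scan_workflow(text: str) -> list:
    """Return (ref, verdict) for every github-slug-action reference in a workflow."""
    return [(ref, classify_ref(ref)) for ref in USES_RE.findall(text)]
```

Floating tags are reported as "review" rather than "affected" because a tag like `v4` normally moves to the patched release, but only the repository's current tag target can confirm that.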
