JavaCPP Presets is a project providing Java distributions of native C++ libraries. All the actions in the bytedeco/javacpp-presets use the github.event.head_commit.message parameter in an insecure way. For example, the commit message is used in a run statement - resulting in a command injection...
8.8CVSS
8.8AI Score
0.001EPSS