4 matches found
CVE-2025-55192
HomeAssistant-Tapo-Control exposes a code injection vulnerability in its GitHub Actions workflow .github/workflows/issues.yml, prior to commit 2a3b80f. The workflow directly inserts user-controlled content from the issue body (github.event.issue.body) into a Bash conditional without proper saniti...
CVE-2025-55192 HomeAssistant-Tapo-Control Code Injection Vulnerability in issues.yml Workflow
HomeAssistant-Tapo-Control offers Control for Tapo cameras as a Home Assistant component. Prior to commit 2a3b80f, there is a code injection vulnerability in the GitHub Actions workflow .github/workflows/issues.yml. It does not affect users of the Home Assistant integration itself — it only impac...
PT-2025-33340 · Unknown +2 · Homeassistant-Tapo-Control +3
Name of the Vulnerable Software and Affected Versions: HomeAssistant-Tapo-Control versions prior to commit 2a3b80f Description: HomeAssistant-Tapo-Control, a component offering control for Tapo cameras within Home Assistant, contained a code injection vulnerability in the GitHub Actions workflow...
HomeAssistant-Tapo: Cameras Control 代码注入漏洞
HomeAssistant-Tapo: Cameras Control is a Tapo camera controller by the individual developer Juraj Nyíri. A code injection vulnerability exists in HomeAssistant-Tapo: Cameras Control, which stems from a code injection vulnerability in the GitHub Actions workflow that could lead to the execution of...