6 matches found
CVE-2025-47775
Bullfrog is a GithHb Action to block unauthorized outbound traffic in GitHub workflows. Prior to version 0.8.4, using tcp breaks blocking and allows DNS exfiltration. This can result in sandbox bypass. Version 0.8.4 fixes the issue...
CVE-2025-47775 Bullfrog's DNS over TCP bypasses domain filtering
Bullfrog is a GithHb Action to block unauthorized outbound traffic in GitHub workflows. Prior to version 0.8.4, using tcp breaks blocking and allows DNS exfiltration. This can result in sandbox bypass. Version 0.8.4 fixes the issue...
CVE-2025-47775
The CVE-2025-47775 refers to Bullfrog, a GitHub Action that blocks unauthorized outbound traffic in workflows. The issue: before version 0.8.4, Bullfrog’s TCP handling could bypass the intended block, enabling DNS data exfiltration and a sandbox bypass. Affected version range includes all release...
CVE-2025-47775 Bullfrog's DNS over TCP bypasses domain filtering
Bullfrog is a GithHb Action to block unauthorized outbound traffic in GitHub workflows. Prior to version 0.8.4, using tcp breaks blocking and allows DNS exfiltration. This can result in sandbox bypass. Version 0.8.4 fixes the issue...
Bullfrog 安全漏洞
Bullfrog is a simple plug-and-play Github tool open-sourced by Bullfrog Security. A security vulnerability exists in Bullfrog versions prior to 0.8.4, which stems from improper use of TCP leading to DNS data exfiltration that may bypass sandbox restrictions...
PT-2025-21175 · Bullfrog · Bullfrog
Name of the Vulnerable Software and Affected Versions: Bullfrog versions prior to 0.8.4 Description: Bullfrog is a GitHub Action to block unauthorized outbound traffic in GitHub workflows. Prior to version 0.8.4, using tcp breaks blocking and allows DNS exfiltration, which can result in sandbox...