3 matches found
CVE-2026-54344
ToolJet is an open-source low-code platform for building internal tools. Prior to 3.20.180, ToolJet's render preview deployment workflow interpolates github.event.comment.body directly into a bash conditional in a run step, allowing any GitHub user who can comment on an open pull request with a...
xygeni-action 安全漏洞
Oxyni-action is a GitHub code security scanning workflow plugin developed by Xygeni. Oxyni-action has a security vulnerability that stems from tag poisoning, which can lead to supply chain attacks, allowing attackers to execute arbitrary commands on the CI runner...
Linux Distros Unpatched Vulnerability : CVE-2017-0918
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Gitlab Community Edition version 10.3 is vulnerable to a path traversal issue in the GitLab CI runner component resulting in remote code execution. CVE-2017-091...