3 matches found
CVE-2022-39217 Improper Neutralization of Formula Elements in a CSV File in ghas-to-csv
some-natalie/ghas-to-csv GitHub Advanced Security to CSV is a GitHub action which scrapes the GitHub Advanced Security API and shoves it into a CSV. In affected versions this GitHub Action creates a CSV file without sanitizing the output of the APIs. If an alert is dismissed or any other custom...
CVE-2022-39217
CVE-2022-39217 affects the GitHub Action some-natalie/ghas-to-csv (GitHub Advanced Security to CSV). The action creates a CSV from the GitHub Advanced Security API without sanitizing API output, enabling potential execution of arbitrary code if a dismissible alert or custom field contains executa...
CVE-2022-39217 Improper Neutralization of Formula Elements in a CSV File in ghas-to-csv
some-natalie/ghas-to-csv GitHub Advanced Security to CSV is a GitHub action which scrapes the GitHub Advanced Security API and shoves it into a CSV. In affected versions this GitHub Action creates a CSV file without sanitizing the output of the APIs. If an alert is dismissed or any other custom...