Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2025/03/21 3:19 p.m.11 views

CVE-2025-30154

reviewdog/action-setup is a GitHub action that installs reviewdog. reviewdog/action-setup@v1 was compromised March 11, 2025, between 18:42 and 20:31 UTC, with malicious code added that dumps exposed secrets to Github Actions Workflow Logs. Other reviewdog actions that use reviewdog/action-setup@v...

8.6CVSS7.4AI score0.02296EPSS
Exploits2References1
Circl
Circl
added 2025/03/19 3:45 p.m.10 views

CVE-2025-30154

creationtimestamp| type| source ---|---|--- 2025-03-19 15:45:35+00:00| seen| https://infosec.exchange/users/cR0w/statuses/114189869676629359 2025-03-19 16:30:54+00:00| seen| Telegram/1nxUJd1r2Vli3BcLbYFmcRkQRAx1kOCE3f---QAF-WqkIU 2025-03-19 17:21:01+00:00| published-proof-of-concept|...

8.6CVSS7.5AI score0.02296EPSS
Exploits2References23
Vulnrichment
Vulnrichment
added 2025/03/19 3:15 p.m.8 views

CVE-2025-30154 Multiple Reviewdog actions were compromised during a specific time period

reviewdog/action-setup is a GitHub action that installs reviewdog. reviewdog/action-setup@v1 was compromised March 11, 2025, between 18:42 and 20:31 UTC, with malicious code added that dumps exposed secrets to Github Actions Workflow Logs. Other reviewdog actions that use reviewdog/action-setup@v...

8.6CVSS8.7AI score0.02296EPSS
Exploits2References5
CVE
CVE
added 2025/03/19 3:15 p.m.308 views

CVE-2025-30154

CVE-2025-30154 involves the GitHub Action reviewdog/action-setup@v1, which was compromised on 2025-03-11 (18:42–20:31 UTC). The malicious code dumps exposed secrets to GitHub Actions workflow logs. Related reviewdog actions that rely on action-setup@v1 (including action-shellcheck, action-composi...

8.6CVSS8.7AI score0.02296EPSS
In wildExploits2References6Affected Software6
OSV
OSV
added 2025/03/19 3:15 p.m.10 views

CVE-2025-30154 Multiple Reviewdog actions were compromised during a specific time period

reviewdog/action-setup is a GitHub action that installs reviewdog. reviewdog/action-setup@v1 was compromised March 11, 2025, between 18:42 and 20:31 UTC, with malicious code added that dumps exposed secrets to Github Actions Workflow Logs. Other reviewdog actions that use reviewdog/action-setup@v...

8.6CVSS8.5AI score0.02296EPSS
Exploits2References8
Cvelist
Cvelist
added 2025/03/19 3:15 p.m.49 views

CVE-2025-30154 Multiple Reviewdog actions were compromised during a specific time period

reviewdog/action-setup is a GitHub action that installs reviewdog. reviewdog/action-setup@v1 was compromised March 11, 2025, between 18:42 and 20:31 UTC, with malicious code added that dumps exposed secrets to Github Actions Workflow Logs. Other reviewdog actions that use reviewdog/action-setup@v...

8.6CVSS0.02296EPSS
Exploits2References5
ATTACKERKB
ATTACKERKB
added 2025/03/19 12:0 a.m.15 views

CVE-2025-30154

reviewdog/action-setup is a GitHub action that installs reviewdog. reviewdog/action-setup@v1 was compromised March 11, 2025, between 18:42 and 20:31 UTC, with malicious code added that dumps exposed secrets to Github Actions Workflow Logs. Other reviewdog actions that use reviewdog/action-setup@v...

8.6CVSS7.4AI score0.02296EPSS
In wildExploits2References6
Rows per page
Query Builder