Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/08/07 11:32 p.m.8 views

CVE-2025-54594

react-native-bottom-tabs is a library of Native Bottom Tabs for React Native. In versions 0.9.2 and below, the github/workflows/release-canary.yml GitHub Actions repository workflow improperly used the pullrequesttarget event trigger, which allowed for untrusted code from a forked pull request to...

9.1CVSS6.6AI score0.00463EPSS
Exploits0References1
Circl
Circl
added 2025/08/06 1:18 a.m.14 views

CVE-2025-54594

creationtimestamp| type| source ---|---|--- 2025-08-06 01:18:17+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lvp2isokrp2s 2025-08-06 01:31:42+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3lvp3arpj7o2u 2025-08-06 07:58:12+00:00| seen|...

9.1CVSS5.8AI score0.00463EPSS
Exploits0References3
NVD
NVD
added 2025/08/06 12:15 a.m.7 views

CVE-2025-54594

react-native-bottom-tabs is a library of Native Bottom Tabs for React Native. In versions 0.9.2 and below, the github/workflows/release-canary.yml GitHub Actions repository workflow improperly used the pullrequesttarget event trigger, which allowed for untrusted code from a forked pull request to...

9.1CVSS0.00463EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/08/05 11:31 p.m.10 views

CVE-2025-54594 react-native-bottom-tabs: Arbitrary code execution in GitHub Actions canary workflow leads to secret exfiltration

react-native-bottom-tabs is a library of Native Bottom Tabs for React Native. In versions 0.9.2 and below, the github/workflows/release-canary.yml GitHub Actions repository workflow improperly used the pullrequesttarget event trigger, which allowed for untrusted code from a forked pull request to...

9.1CVSS0.00463EPSS
Exploits0References3
OSV
OSV
added 2025/08/05 11:31 p.m.6 views

CVE-2025-54594 react-native-bottom-tabs: Arbitrary code execution in GitHub Actions canary workflow leads to secret exfiltration

react-native-bottom-tabs is a library of Native Bottom Tabs for React Native. In versions 0.9.2 and below, the github/workflows/release-canary.yml GitHub Actions repository workflow improperly used the pullrequesttarget event trigger, which allowed for untrusted code from a forked pull request to...

9.1CVSS7.2AI score0.00463EPSS
Exploits0References5
Rows per page
Query Builder