PT-2024-40108 · Github Actions · Dawidd6/Action-Download-Artifact
Name of the Vulnerable Software and Affected Versions: dawidd6/action-download-artifact versions prior to v6 Description: The issue allows an unprivileged attacker to introduce compromised artifacts into a privileged workflow context by exploiting the default behavior of searching a repository's...