32 matches found
EUVD-2024-0357
Malicious code in bioql PyPI...
MAL-2025-5775 Malicious code in ec2-github-runner (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1c7ca0d5642601c1f68fbd89dabf82a89747d310ed0196ea76061981bed79fd3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2023-28430
OneSignal is an email, SMS, push notification, and in-app message service for mobile apps. The Zapier.yml workflow is triggered on issue type: closed, i.e., when an issue is closed. The workflow starts with a full write-permissions GitHub repository token since the default workflow permissions on...
CVE-2023-26493
Cocos Engine is an open-source framework for building 2D & 3D real-time rendering and interactive content. In the GitHub repo for Cocos Engine, the web-interface-check.yml workflow was subject to command injection. The web-interface-check.yml workflow was triggered when a pull request was opened or updated and...
CVE-2023-52137
The tj-actions/verify-changed-files action allows for command injection in changed filenames, allowing an attacker to execute arbitrary code and potentially leak secrets. The verify-changed-files workflow returns the list of files changed within a workflow execution. This could potentially allow...
MAL-2024-2422 Malicious code in github-runner-lambda-syncer (npm)
--- -= Per source details. Do not edit below this line.=-...
Hyperledger: Code exec on GitHub runner via pull request name
A command injection vulnerability was discovered in the GitHub Actions workflow of the Hyperledger Cacti repository. The vulnerability allowed an attacker to inject arbitrary commands and execute them on the GitHub runner by crafting a malicious pull request title. The vulnerability was present i...
Potential Actions command injection in output filenames (GHSL-2023-275)
Summary The tj-actions/verify-changed-files action allows for command injection in changed filenames, allowing an attacker to execute arbitrary code and potentially leak secrets. Details The verify-changed-files workflow returns the list of files changed within a workflow execution. This could...
GHSA-MCPH-M25J-8J63 tj-actions/changed-files has Potential Actions command injection in output filenames (GHSL-2023-271)
Summary The tj-actions/changed-files workflow allows for command injection in changed filenames, allowing an attacker to execute arbitrary code and potentially leak secrets. Details The changed-files action returns a list of files changed in a commit or pull request which provides an escapejson...
CVE-2023-52137 GitHub Action tj-actions/verify-changed-files is vulnerable to command injection in output filenames
The tj-actions/verify-changed-files action allows for command injection in changed filenames, allowing an attacker to execute arbitrary code and potentially leak secrets. The verify-changed-files workflow returns the list of files changed within a workflow execution. This could potentially allow...
CVE-2023-52137
CVE-2023-52137 affects the tj-actions/verify-changed-files GitHub Action. The vulnerability allows command injection through changed filenames returned by the verify-changed-files workflow, potentially enabling arbitrary code execution on the GitHub Runner and secret leakage when outputs are used...
CVE-2023-51664 tj-actions/changed-files command injection in output filenames
tj-actions/changed-files is a GitHub Action to retrieve all changed files and directories. Prior to 41.0.0, the tj-actions/changed-files workflow allows for command injection in changed filenames, allowing an attacker to execute arbitrary code and potentially leak secrets. This issue may lead to arbitrar...
Malicious code in @terraform-aws-github-runner/aws-ssm-util (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 923d8c9265a141fb0384c59b41ad9dea10d1d2ee7a4d30165537b10a69d82e40 The OpenSSF Package Analysis project identified '@terraform-aws-github-runner/aws-ssm-util' @ 1.0.0 npm as malicious. It is considered malicious...
MAL-2023-8637 Malicious code in @terraform-aws-github-runner/aws-ssm-util (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 923d8c9265a141fb0384c59b41ad9dea10d1d2ee7a4d30165537b10a69d82e40 The OpenSSF Package Analysis project identified '@terraform-aws-github-runner/aws-ssm-util' @ 1.0.0 npm as malicious. It is considered malicious...
Malicious code in @terraform-aws-github-runner/aws-ssm-uti (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 9e8dee05678c6b03df102e495749bdc9db8ae73a32752a0f85345cc637577012 The OpenSSF Package Analysis project identified '@terraform-aws-github-runner/aws-ssm-uti' @ 1.999.0 npm as malicious. It is considered maliciou...