Lucene search

1360 matches found

CVE
added 2022/08/13 11:40 p.m. · 66 views

CVE-2022-35954

The CVE-2022-35954 issue affects the GitHub Actions ToolKit, specifically core.exportVariable in @actions/core. The vulnerability arises from a well-known delimiter (GitHubActionsFileCommandDelimeter) used to set environment variables via GITHUB_ENV, which can be exploited to break out of the in...

5 CVSS · 5.1 AI score · 0.00247 EPSS
Exploits 0 · References 2 · Affected Software 1
Vulnrichment
added 2022/08/13 11:40 p.m. · 5 views

CVE-2022-35954 Delimiter injection vulnerability in @actions/core exportVariable

The GitHub Actions ToolKit provides a set of packages to make creating actions easier. The core.exportVariable function uses a well known delimiter that attackers can use to break out of that specific variable and assign values to other arbitrary variables. Workflows that write untrusted values t...

5 CVSS · 5.3 AI score · 0.00247 EPSS
Exploits 0 · References 2
Positive Technologies
added 2022/08/13 12:0 a.m. · 2 views

PT-2022-23055 · Github · @Actions/Core

Name of the Vulnerable Software and Affected Versions: @actions/core versions prior to v1.9.1 Description: The core.exportVariable function uses a well-known delimiter that attackers can use to break out of that specific variable and assign values to other arbitrary variables. Workflows that writ...

5 CVSS · 5 AI score · 0.00247 EPSS
Exploits 0 · References 8
Github Security Blog
added 2022/07/29 7:56 p.m. · 19 views

check-spelling workflow vulnerable to token leakage via symlink attack

Impact: For a repository with the check-spelling action enabled that triggers on pull_request_target or schedule, an attacker can send a crafted Pull Request that causes a GITHUB_TOKEN to be exposed. With the GITHUB_TOKEN, it's possible to push commits to the repository bypassing standard approval...

9.9 CVSS · 9.5 AI score · 0.00324 EPSS
Exploits 0 · References 5 · Affected Software 1
OSV
added 2022/07/29 7:56 p.m. · 17 views

GHSA-G86G-CHM8-7R2P check-spelling workflow vulnerable to token leakage via symlink attack

Impact: For a repository with the check-spelling action enabled that triggers on pull_request_target or schedule, an attacker can send a crafted Pull Request that causes a GITHUB_TOKEN to be exposed. With the GITHUB_TOKEN, it's possible to push commits to the repository bypassing standard approval...

9.6 CVSS · 9.5 AI score · 0.00324 EPSS
Exploits 0 · References 5
Hacker One
added 2022/07/15 10:52 a.m. · 40 views

GitHub: Command injection in GitHub Actions ContainerStepHost

GitHub Actions Runner is the application that runs a job from a GitHub Actions workflow. The actions runner invokes the docker cli directly in order to run job containers, service containers, or container actions. A bug in the logic for how the environment is encoded into these docker commands wa...

6.5 CVSS · 2.4 AI score · 0.0095 EPSS
Exploits 0
The Hacker News
added 2022/07/11 5:13 p.m. · 38 views

Cloud-based Cryptocurrency Miners Targeting GitHub Actions and Azure VMs

GitHub Actions and Azure virtual machines (VMs) are being leveraged for cloud-based cryptocurrency mining, indicating sustained attempts on the part of malicious actors to target cloud resources for illicit purposes. "Attackers can abuse the runners or servers provided by GitHub to run an...

7.7 AI score
Exploits 0
OSSF Malicious Packages
added 2022/06/20 8:12 p.m. · 4 views

Malicious code in panther-github-actions (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a3cf372dfd59de8690e3a89a7ea4f9117da1f269a50dcb3ac94d20a9f7903c91 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9 AI score
Exploits 0 · References 1
OSV
added 2022/06/20 8:12 p.m. · 7 views

MAL-2022-5208 Malicious code in panther-github-actions (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a3cf372dfd59de8690e3a89a7ea4f9117da1f269a50dcb3ac94d20a9f7903c91 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7 AI score
Exploits 0 · References 1
Hacker One
added 2022/04/23 4:46 p.m. · 13 views

Hyperledger: Unauthorized packages modification or secrets exfiltration via GitHub actions

Thank you to @dustywormwood for working closely with the Iroha team to fix this issue. You can learn more about this vulnerability type at https://github.com/nikitastupin/pwnhub. Thanks to the Hyperledger team for thorough remediation and clear communication!...

2 AI score
Exploits 0
Gitee
added 2022/04/15 2:57 p.m. · 2 views

nuclei-templates

This repository is an offensive tool for nuclei templates. It contains a collection of community-curated templates for the nuclei engine to find security vulnerabilities in applications. The templates are stored in the cves directory and are used by the nuclei scanner to identify potential...

7.5 AI score
Exploits 0
Rapid7 Blog
added 2022/04/15 2:22 p.m. · 273 views

Let's Dance: InsightAppSec and tCell Bring New DevSecOps Improvements in Q1

To the left, to the left, to the right, right — the CI/CD Pipeline is on the move. DevSecOps is all about adding security across the application lifecycle. A popular approach to application security is to shift left, which means moving security earlier in the software development lifecycle (SDLC)...

9.3 CVSS · 0.1 AI score · 0.94439 EPSS
Exploits 434
Gitee
added 2022/02/20 5:49 p.m. · 3 views

nuclei-templates

This repository is a collection of templates for the nuclei engine, a tool used to find security vulnerabilities in applications. The templates are used to identify potential vulnerabilities and are contributed by both the project's team and the community. The repository contains various template...

8.1 AI score
Exploits 0
Kitploit
added 2022/01/12 11:30 a.m. · 25 views

RAUDI - A Repo To Automatically Generate And Keep Updated A Series Of Docker Images Through GitHub Actions

RAUDI (Regularly and Automatically Updated Docker Images) automatically generates and keeps updated a series of Docker Images through GitHub Actions for tools that are not provided by the developers. What is RAUDI? RAUDI is what will save you from creating and managing a lot of Docker Images manually...

7.3 AI score
Exploits 0 · References 28
GithubExploit
added 2021/12/17 5:23 p.m. · 487 views

Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

!Java CIhttps://github.com/Nikolas-Charalambidis/cve-2021-44...

10 CVSS · 9.5 AI score · 0.94358 EPSS
Exploits 343
Gitee
added 2021/11/08 9:45 p.m. · 3 views

vulhub

This repository is an offensive tool for vulnerability research and exploitation. It contains a collection of vulnerable applications and services, along with exploits and tools to demonstrate their vulnerabilities. The primary vulnerability targeted by this repository is not explicitly stated, b...

7.8 AI score
Exploits 0
Rapid7 Blog
added 2021/10/25 1:43 p.m. · 50 views

Recog: Data Rules Everything Around Me

The recog project — a recognition framework used to identify products, operating systems, and hardware through matching network probe data against its extensive fingerprint collection — has been around for many years. In the beginning, Rapid7 used it internally as part of the Nexpose vulnerabilit...

0.5 AI score
Exploits 0
Gitee
added 2021/09/11 4:35 p.m. · 2 views

vulhub

This repository is an offensive tool for creating pre-built vulnerable environments based on Docker-Compose. It is a collection of vulnerable applications and services that can be used for testing and training purposes. The repository includes a variety of vulnerable applications, such as CouchDB...

7.3 AI score
Exploits 0
The Hacker News
added 2021/08/02 10:27 a.m. · 42 views

PyPI Python Package Repository Patches Critical Supply Chain Flaw

The maintainers of Python Package Index (PyPI) last week issued fixes for three vulnerabilities, one among which could be abused to achieve arbitrary code execution and take full control of the official third-party software repository. The security weaknesses were discovered and reported by Japanes...

0.8 AI score
Exploits 0
OSV
added 2021/05/25 5:15 p.m. · 13 views

CVE-2021-32638

Github's CodeQL action is provided to run CodeQL-based code scanning on non-GitHub CI/CD systems and requires a GitHub access token to connect to a GitHub repository. The runner and its documentation previously suggested passing the GitHub token as a command-line parameter to the process instead ...

4.4 CVSS · 7.2 AI score
Exploits 0 · References 5