Lucene search
K

4 matches found

OSV
OSV
added 2025/03/19 3:19 p.m.8 views

GHSA-QMG3-HPQR-GQVC Multiple Reviewdog actions were compromised during a specific time period

Summary reviewdog/action-setup@v1 was compromised March 11, 2025, between 18:42 and 20:31 UTC, with malicious code added that dumps exposed secrets to Github Actions Workflow Logs. Other reviewdog actions that use reviewdog/action-setup@v1 would also be compromised, regardless of version or pinni...

8.6CVSS8.7AI score0.02296EPSS
Exploits2References8
Github Security Blog
Github Security Blog
added 2025/03/19 3:19 p.m.25 views

Multiple Reviewdog actions were compromised during a specific time period

Summary reviewdog/action-setup@v1 was compromised March 11, 2025, between 18:42 and 20:31 UTC, with malicious code added that dumps exposed secrets to Github Actions Workflow Logs. Other reviewdog actions that use reviewdog/action-setup@v1 would also be compromised, regardless of version or pinni...

8.6CVSS7AI score0.02296EPSS
Exploits2References8Affected Software1
Vulnrichment
Vulnrichment
added 2025/03/19 3:15 p.m.8 views

CVE-2025-30154 Multiple Reviewdog actions were compromised during a specific time period

reviewdog/action-setup is a GitHub action that installs reviewdog. reviewdog/action-setup@v1 was compromised March 11, 2025, between 18:42 and 20:31 UTC, with malicious code added that dumps exposed secrets to Github Actions Workflow Logs. Other reviewdog actions that use reviewdog/action-setup@v...

8.6CVSS8.7AI score0.02296EPSS
Exploits2References5
Positive Technologies
Positive Technologies
added 2025/03/12 12:0 a.m.5 views

PT-2025-11694

Name of the Vulnerable Software and Affected Versions reviewdog/action-setup version 1 Description The GitHub Action reviewdog/action-setup was compromised between March 11, 2025, 18:42 and 20:31 UTC with malicious code. This code dumps exposed secrets to GitHub Actions Workflow Logs. Actions tha...

8.6CVSS7.4AI score0.02296EPSS
Exploits2References183
Rows per page
Query Builder