4 matches found
GHSA-QMG3-HPQR-GQVC Multiple Reviewdog actions were compromised during a specific time period
Summary reviewdog/action-setup@v1 was compromised March 11, 2025, between 18:42 and 20:31 UTC, with malicious code added that dumps exposed secrets to Github Actions Workflow Logs. Other reviewdog actions that use reviewdog/action-setup@v1 would also be compromised, regardless of version or pinni...
Multiple Reviewdog actions were compromised during a specific time period
Summary reviewdog/action-setup@v1 was compromised March 11, 2025, between 18:42 and 20:31 UTC, with malicious code added that dumps exposed secrets to Github Actions Workflow Logs. Other reviewdog actions that use reviewdog/action-setup@v1 would also be compromised, regardless of version or pinni...
CVE-2025-30154 Multiple Reviewdog actions were compromised during a specific time period
reviewdog/action-setup is a GitHub action that installs reviewdog. reviewdog/action-setup@v1 was compromised March 11, 2025, between 18:42 and 20:31 UTC, with malicious code added that dumps exposed secrets to Github Actions Workflow Logs. Other reviewdog actions that use reviewdog/action-setup@v...
PT-2025-11694
Name of the Vulnerable Software and Affected Versions reviewdog/action-setup version 1 Description The GitHub Action reviewdog/action-setup was compromised between March 11, 2025, 18:42 and 20:31 UTC with malicious code. This code dumps exposed secrets to GitHub Actions Workflow Logs. Actions tha...