24 matches found

GithubExploit
added 2026/04/13 4:02 p.m., 63 views

Exploit for CVE-2025-54416

CVE-2025-54416: tj-actions/branch-names Command Injection PoC...

CVSS 9.1, AI score 5.9, EPSS 0.00558
Exploits: 1
RedhatCVE
added 2025/07/28 4:32 a.m., 4 views

CVE-2025-54416

tj-actions/branch-names is a Github actions repository that contains workflows to retrieve branch or tag names with support for all events. In versions 8.2.1 and below, a critical vulnerability has been identified in the tj-actions/branch-names' GitHub Action workflow which allows arbitrary comma...

CVSS 9.1, AI score 7.6, EPSS 0.00558
Exploits: 1, References: 1
CVE
added 2025/07/26 3:34 a.m., 24 views

CVE-2025-54416

CVE-2025-54416 – tj-actions/branch-names has a concrete command-injection flaw in the GitHub Action outputs. The vulnerability stems from unsafe use of the pattern echo "... $(eval printf "%s" …)" to populate GITHUB_OUTPUT, allowing an attacker-controlled branch or tag name to inject commands dow...

CVSS 9.1, AI score 6.9, EPSS 0.00558
Exploits: 1, References: 3
Vulnrichment
added 2025/07/26 3:34 a.m., 1 view

CVE-2025-54416 tj-actions/branch-names Contains Command Injection Vulnerability

tj-actions/branch-names is a Github actions repository that contains workflows to retrieve branch or tag names with support for all events. In versions 8.2.1 and below, a critical vulnerability has been identified in the tj-actions/branch-names' GitHub Action workflow which allows arbitrary comma...

CVSS 9.1, AI score 6.7, EPSS 0.00558
Exploits: 1, References: 3
Positive Technologies
added 2025/07/25 12:00 a.m., 1 view

PT-2025-30953

Name of the Vulnerable Software and Affected Versions: tj-actions/branch-names versions 8.2.1 and below Description: A critical command injection vulnerability exists in the tj-actions/branch-names GitHub Action workflow. This flaw stems from inconsistent input sanitization and unescaped output,...

CVSS 9.1, AI score 7.6, EPSS 0.00558
Exploits: 1, References: 21
CISA
added 2025/03/26 12:00 p.m., 2 views

Supply Chain Compromise of Third-Party tj-actions/changed-files (CVE-2025-30066) and reviewdog/action-setup@v1 (CVE-2025-30154)

A popular third-party GitHub Action, tj-actions/changed-files, tracked as CVE-2025-30066, was compromised. tj-actions/changed-files is designed to detect which files have changed in a pull request or commit. The supply chain compromise allows for information disclosure of secrets...

CVSS 8.6, AI score 7.1, EPSS 0.9183
Exploits: 3, References: 13
Wiz blog
added 2025/03/17 9:28 p.m., 28 views

New GitHub Action supply chain attack: reviewdog/action-setup

A supply chain attack on tj-actions/changed-files caused many repositories to leak their secrets over the weekend. Wiz Research has discovered an additional supply chain attack on reviewdog/actions-setup@v1, that may have contributed to the compromise of tj-actions/changed-files...

AI score 5.8
Exploits: 0
HackRead
added 2025/03/17 2:10 p.m., 4 views

Malicious Code Hits ‘tj-actions/changed-files’ in 23,000 GitHub Repos

GitHub security alert: Malicious code found in ‘tj-actions/changed-files,’ impacting 23K+ repos. Learn how to check, remove, and protect…

AI score 7.6
Exploits: 0
RedhatCVE
added 2025/03/17 12:17 a.m., 51 views

CVE-2025-30066

tj-actions changed-files before 46 allows remote attackers to discover secrets by reading actions logs. The tags v1 through v45.0.7 were affected on 2025-03-14 and 2025-03-15 because they were modified by a threat actor to point at commit 0e58ed8, which contained malicious updateFeatures code...

CVSS 8.6, AI score 7, EPSS 0.9183
Exploits: 2, References: 1
Github Security Blog
added 2025/03/15 6:30 a.m., 23 views

tj-actions changed-files through 45.0.7 allows remote attackers to discover secrets by reading actions logs.

Summary A supply chain attack compromised the tj-actions/changed-files GitHub Action, impacting over 23,000 repositories. Attackers retroactively modified multiple version tags to reference a malicious commit, exposing CI/CD secrets in workflow logs. The vulnerability existed between March 14 and...

CVSS 8.6, AI score 8.8, EPSS 0.9183
Exploits: 2, References: 25, Affected software: 1
NVD
added 2025/03/15 6:15 a.m., 6 views

CVE-2025-30066

tj-actions changed-files before 46 allows remote attackers to discover secrets by reading actions logs. The tags v1 through v45.0.7 were affected on 2025-03-14 and 2025-03-15 because they were modified by a threat actor to point at commit 0e58ed8, which contained malicious updateFeatures code...

CVSS 8.6, EPSS 0.9183
Exploits: 2, References: 21
OSV
added 2025/03/15 6:15 a.m., 13 views

CVE-2025-30066

tj-actions changed-files before 46 allows remote attackers to discover secrets by reading actions logs. The tags v1 through v45.0.7 were affected on 2025-03-14 and 2025-03-15 because they were modified by a threat actor to point at commit 0e58ed8, which contained malicious updateFeatures code...

CVSS 8.6, AI score 8.6, EPSS 0.9183
Exploits: 2, References: 21
Cvelist
added 2025/03/15 12:00 a.m., 12 views

CVE-2025-30066

tj-actions changed-files before 46 allows remote attackers to discover secrets by reading actions logs. The tags v1 through v45.0.7 were affected on 2025-03-14 and 2025-03-15 because they were modified by a threat actor to point at commit 0e58ed8, which contained malicious updateFeatures code...

CVSS 8.6, EPSS 0.9183
Exploits: 2, References: 19
CVE
added 2025/03/15 12:00 a.m., 306 views

CVE-2025-30066

CVE-2025-30066 affects tj-actions/changed-files before 46, where a malicious commit (0e58ed8) was used to alter tags (e.g., v1, v45.0.7) and cause secrets to be read from GitHub Actions logs. Public reports and advisories (CISA, OSV, GHSA) confirm secrets disclosure via runners’ logs in affected ...

CVSS 8.6, AI score 8.6, EPSS 0.9183
Exploited in the wild; Exploits: 2, References: 21, Affected software: 1
ATTACKERKB
added 2025/03/15 12:00 a.m., 15 views

CVE-2025-30066

tj-actions changed-files before 46 allows remote attackers to discover secrets by reading actions logs. The tags v1 through v45.0.7 were affected on 2025-03-14 and 2025-03-15 because they were modified by a threat actor to point at commit 0e58ed8, which contained malicious updateFeatures code...

CVSS 8.6, AI score 8.6, EPSS 0.9183
Exploited in the wild; Exploits: 2, References: 20
Positive Technologies
added 2025/03/14 12:00 a.m., 3 views

PT-2025-11328

Name of the Vulnerable Software and Affected Versions tj-actions/changed-files versions 1 through 45.0.7 Description The tj-actions/changed-files GitHub Action was compromised, allowing remote attackers to discover secrets by reading actions logs. The compromise occurred between March 14 and Marc...

CVSS 8.6, AI score 7.7, EPSS 0.9183
Exploits: 2, References: 332
OSV
added 2024/01/02 4:41 p.m., 38 views

GHSA-MCPH-M25J-8J63 tj-actions/changed-files has Potential Actions command injection in output filenames (GHSL-2023-271)

Summary The tj-actions/changed-files workflow allows for command injection in changed filenames, allowing an attacker to execute arbitrary code and potentially leak secrets. Details The changed-files action returns a list of files changed in a commit or pull request which provides an escapejson...

CVSS 7.3, AI score 9.1, EPSS 0.00424
Exploits: 1, References: 6
Github Security Blog
added 2024/01/02 4:41 p.m., 70 views

tj-actions/changed-files has Potential Actions command injection in output filenames (GHSL-2023-271)

Summary The tj-actions/changed-files workflow allows for command injection in changed filenames, allowing an attacker to execute arbitrary code and potentially leak secrets. Details The changed-files action returns a list of files changed in a commit or pull request which provides an escapejson...

CVSS 9.8, AI score 8.4, EPSS 0.00424
Exploits: 1, References: 6, Affected software: 1
NVD
added 2023/12/29 5:16 p.m., 8 views

CVE-2023-52137

The tj-actions/verify-changed-files action allows for command injection in changed filenames, allowing an attacker to execute arbitrary code and potentially leak secrets. The verify-changed-files workflow returns the list of files changed within a workflow execution. This could potentially allow...

CVSS 8.8, EPSS 0.00621
Exploits: 1, References: 3
CVE
added 2023/12/29 5:08 p.m., 51 views

CVE-2023-52137

CVE-2023-52137 affects the tj-actions/verify-changed-files GitHub Action. The vulnerability allows command injection through changed filenames returned by the verify-changed-files workflow, potentially enabling arbitrary code execution on the GitHub Runner and secret leakage when outputs are used...

CVSS 8.8, AI score 8.6, EPSS 0.00621
Exploits: 1, References: 3, Affected software: 1