PT-2025-20693 · GitHub · Ozi Action
Name of the Vulnerable Software and Affected Versions: OZI action versions 1.13.2 through 1.13.5

Description: The OZI action, a GitHub Action for publishing releases to PyPI, has a flaw where potentially untrusted data flows into PR creation logic. This allows a malicious actor to construct a...