Tj-actions ≫ Changed-files

2 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.

8.6

CVE-2025-30066

Warnung Exploit

EPSS 88.26%
Veröffentlicht 15.03.2025 00:00:00
Zuletzt bearbeitet 05.11.2025 19:27:53

tj-actions changed-files before 46 allows remote attackers to discover secrets by reading actions logs. (The tags v1 through v45.0.7 were affected on 2025-03-14 and 2025-03-15 because they were modified by a threat actor to point at commit 0e58ed8, w...

9.8

CVE-2023-51664

Exploit

EPSS 0.67%
Veröffentlicht 27.12.2023 17:15:08
Zuletzt bearbeitet 21.11.2024 08:38:33

tj-actions/changed-files is a Github action to retrieve all files and directories. Prior to 41.0.0, the `tj-actions/changed-files` workflow allows for command injection in changed filenames, allowing an attacker to execute arbitrary code and potentia...

Team-orientierte Vulnerability Management Plattform

Features der Plattform

Tj-actions ≫ Changed-files

CVE-2025-30066

CVE-2023-51664