Note: This list may be incomplete. Data is provided without warranty in its original format.
7.1
CVE-2025-24362
- EPSS 0.29%
- Published 24.01.2025 18:15:32
- Last modified 31.03.2025 14:15:18
In some circumstances, debug artifacts uploaded by the CodeQL Action after a failed code scanning workflow run may contain the environment variables from the workflow run, including any secrets that were exposed as environment variables to the workfl...
5.5
CVE-2024-25129
- EPSS 0.12%
- Published 22.02.2024 19:15:08
- Last modified 05.02.2025 21:59:18
The CodeQL CLI repo holds binaries for the CodeQL command line interface (CLI). Prior to version 2.16.3, an XML parser used by the CodeQL CLI to read various auxiliary files is vulnerable to an XML External Entity attack. If a vulnerable version of t...