Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.1
CVE-2025-24362
- EPSS 0.29%
- Published 24.01.2025 18:15:32
- Last modified 31.03.2025 14:15:18
In some circumstances, debug artifacts uploaded by the CodeQL Action after a failed code scanning workflow run may contain the environment variables from the workflow run, including any secrets that were exposed as environment variables to the workfl...
5.5
CVE-2024-25129
- EPSS 0.12%
- Published 22.02.2024 19:15:08
- Last modified 05.02.2025 21:59:18
The CodeQL CLI repo holds binaries for the CodeQL command line interface (CLI). Prior to version 2.16.3, an XML parser used by the CodeQL CLI to read various auxiliary files is vulnerable to an XML External Entity attack. If a vulnerable version of t...
1