Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.1
CVE-2025-24362
- EPSS 0.29%
- Veröffentlicht 24.01.2025 18:15:32
- Zuletzt bearbeitet 31.03.2025 14:15:18
In some circumstances, debug artifacts uploaded by the CodeQL Action after a failed code scanning workflow run may contain the environment variables from the workflow run, including any secrets that were exposed as environment variables to the workfl...
4.4
CVE-2021-32638
- EPSS 0.07%
- Veröffentlicht 25.05.2021 17:15:08
- Zuletzt bearbeitet 21.11.2024 06:07:25
Github's CodeQL action is provided to run CodeQL-based code scanning on non-GitHub CI/CD systems and requires a GitHub access token to connect to a GitHub repository. The runner and its documentation previously suggested passing the GitHub token as a...
1