Количество 3
Количество 3
CVE-2025-30066
tj-actions changed-files before 46 allows remote attackers to discover secrets by reading actions logs. (The tags v1 through v45.0.7 were affected on 2025-03-14 and 2025-03-15 because they were modified by a threat actor to point at commit 0e58ed8, which contained malicious updateFeatures code.)
GHSA-mrrh-fwg8-r2c3
tj-actions changed-files through 45.0.7 allows remote attackers to discover secrets by reading actions logs.
BDU:2026-00066
Уязвимость пакета changed-files программного обеспечения для автоматизации процессов CI/CD TJ-actions, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-30066 tj-actions changed-files before 46 allows remote attackers to discover secrets by reading actions logs. (The tags v1 through v45.0.7 were affected on 2025-03-14 and 2025-03-15 because they were modified by a threat actor to point at commit 0e58ed8, which contained malicious updateFeatures code.) | CVSS3: 8.6 | 90% Критический | 11 месяцев назад |
| GHSA-mrrh-fwg8-r2c3 tj-actions changed-files through 45.0.7 allows remote attackers to discover secrets by reading actions logs. | CVSS3: 8.6 | 90% Критический | 11 месяцев назад |
 | BDU:2026-00066 Уязвимость пакета changed-files программного обеспечения для автоматизации процессов CI/CD TJ-actions, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации | CVSS3: 8.6 | 90% Критический | 11 месяцев назад |
Уязвимостей на страницу