CVE-2023-27581 – github-slug-action vulnerable to arbitrary code execution
https://notcve.org/view.php?id=CVE-2023-27581
github-slug-action is a GitHub Action that exposes slug values of GitHub environment variables inside a GitHub workflow. Starting in version 4.0.0 and prior to version 4.4.1, this action uses the `github.head_ref` parameter in an insecure way. This vulnerability can be triggered by any GitHub user against any workflow that uses the action on pull requests: the user only needs to open a pull request whose branch name contains the attack payload. This can be used to execute code on the GitHub runners and to exfiltrate any secrets used in the CI pipeline.
References:
https://github.com/rlespinasse/github-slug-action/commit/102b1a064a9b145e56556e22b18b19c624538d94
https://github.com/rlespinasse/github-slug-action/releases/tag/v4.4.1
https://github.com/rlespinasse/github-slug-action/security/advisories/GHSA-6q4m-7476-932w
https://securitylab.github.com/research/github-actions-untrusted-input
CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2019-25084 – Hide Files on GitHub options.js addEventListener cross site scripting
https://notcve.org/view.php?id=CVE-2019-25084
A vulnerability, which was classified as problematic, has been found in Hide Files on GitHub up to 2.x. This issue affects the function addEventListener of the file extension/options.js. The manipulation leads to cross site scripting. The attack may be initiated remotely. Upgrading to version 3.0.0 addresses this issue.
References:
https://github.com/sindresorhus/hide-files-on-github/commit/9de0c57df81db1178e0e79431d462f6d9842742e
https://github.com/sindresorhus/hide-files-on-github/pull/73
https://github.com/sindresorhus/hide-files-on-github/releases/tag/3.0.0
https://vuldb.com/?ctiid.216767
https://vuldb.com/?id.216767
CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2021-33961
https://notcve.org/view.php?id=CVE-2021-33961
A Cross Site Scripting (XSS) vulnerability exists in enhanced-github v5.0.11 via the file name parameter.
References:
https://github.com/softvar/enhanced-github/issues/96
CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2020-23986
https://notcve.org/view.php?id=CVE-2020-23986
Github Read Me Stats commit 3c7220e4f7144f6cb068fd433c774f6db47ccb95 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the function renderError.
References:
https://github.com/anuraghazra/github-readme-stats/pull/255
CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2021-44684
https://notcve.org/view.php?id=CVE-2021-44684
naholyr github-todos 3.1.0 is vulnerable to command injection. The range argument for the _hook subcommand is concatenated without any validation and is passed directly to the exec function.
References:
https://github.com/dwisiswant0/advisory/issues/5
https://github.com/naholyr/github-todos/issues/34
CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')