Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

4 advisories

Loading
ghas-to-csv vulnerable to Improper Neutralization of Formula Elements in a CSV File Moderate
CVE-2022-39217 was published for some-natalie/ghas-to-csv (GitHub Actions) Sep 16, 2022
aegilops some-natalie
Actions expression injection in `filter-test-configs` (`GHSL-2023-181`) Moderate
GHSA-hw6r-g8gj-2987 was published for https://github.com/pytorch/pytorch/.github/actions/filter-test-configs (GitHub Actions) Aug 30, 2023
jorgectf
github-slug-action use of `set-env` Runner commands which are processed via stdout Moderate
GHSA-7f32-hm4h-w77q was published for rlespinasse/github-slug-action (GitHub Actions) Feb 3, 2024
hsblhsn rlespinasse
fish-shop/syntax-check Improper Neutralization of Delimiters Moderate
CVE-2024-42482 was published for fish-shop/syntax-check (GitHub Actions) Aug 12, 2024
marcransome
ProTip! Advisories are also available from the GraphQL API