mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-05 18:27:17 +00:00
1.2 KiB
1.2 KiB
CVE-2023-49291
Description
tj-actions/branch-names is a Github action to retrieve branch or tag names with support for all events. The tj-actions/branch-names GitHub Actions improperly references the github.event.pull_request.head.ref and github.head_ref context variables within a GitHub Actions run step. The head ref variable is the branch name and can be used to execute arbitrary code using a specially crafted branch name. As a result an attacker can use this vulnerability to steal secrets from or abuse GITHUB_TOKEN permissions. This vulnerability has been addressed in version 7.0.7. Users are advised to upgrade. There are no known workarounds for this vulnerability.
POC
Reference
Github
No PoCs found on GitHub currently.