Skip to main content

Verify Changed Files

1 CVEs product

Monthly

CVE-2023-52137 HIGH POC PATCH This Week

The [`tj-actions/verify-changed-files`](https://github.com/tj-actions/verify-changed-files) action allows for command injection in changed filenames, allowing an attacker to execute arbitrary code. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

RCE Command Injection Verify Changed Files
NVD GitHub
CVSS 3.1
8.8
EPSS
2.6%
EPSS 3% CVSS 8.8
HIGH POC PATCH This Week

The [`tj-actions/verify-changed-files`](https://github.com/tj-actions/verify-changed-files) action allows for command injection in changed filenames, allowing an attacker to execute arbitrary code. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

RCE Command Injection Verify Changed Files
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy