漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Goshs - ArtiPACKED Vulnerability – GitHub Actions Credential Persistence
Vulnerability Description
goshs is a SimpleHTTPServer written in Go. Prior to 2.0.0-beta.6, goshs has an ArtiPACKED vulnerability. ArtiPACKED can lead to leakage of the GITHUB_TOKEN through workflow artifacts, even though the token is not present in the repository source code. This vulnerability is fixed in 2.0.0-beta.6.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Vulnerability Type
从非可信控制范围包含功能例程
Vulnerability Title
goshs 安全漏洞
Vulnerability Description
goshs是Patrick Hener个人开发者的一个用Go编写的简单HTTP Server。 goshs 2.0.0-beta.6之前版本存在安全漏洞,该漏洞源于ArtiPACKED问题,可能导致GITHUB_TOKEN通过工作流构件泄露。
CVSS Information
N/A
Vulnerability Type
N/A