All 2 CVE vulnerabilities found in codeql-action, with AI-generated Chinese analysis, references, and POCs.
Vendor: github
| CVE ID | Title | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|
| CVE-2025-24362 | CodeQL GitHub Action failed workflow writes GitHub PAT to debug artifacts | CWE-532 | 6.5 | - | 2025-01-24 |
| CVE-2021-32638 | CodeQL runner: Command-line options that make GitHub access tokens visible to other processes are now deprecated | CWE-200 | 4.4 | Medium | 2021-05-25 |