Browse all 5 CVE security advisories affecting tj-actions. AI-powered Chinese analysis, POCs, and references for each vulnerability.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-54416 | tj-actions/branch-names Contains Command Injection Vulnerability — branch-namesCWE-77 | 9.1 | Critical | 2025-07-26 |
| CVE-2025-30066 | changed-files 安全漏洞 — changed-filesCWE-506 | 8.6 | High | 2025-03-15 |
| CVE-2023-52137 | GitHub Action tj-actions/verify-changed-files is vulnerable to command injection in output filenames — verify-changed-filesCWE-20 | 7.7 | High | 2023-12-29 |
| CVE-2023-51664 | tj-actions/changed-files command injection in output filenames — changed-filesCWE-77 | 7.3 | High | 2023-12-27 |
| CVE-2023-49291 | Improper Sanitization of Branch Name Leads to Arbitrary Code Injection — branch-namesCWE-20 | 9.3 | Critical | 2023-12-04 |
This page lists every published CVE security advisory associated with tj-actions. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.