Security: actions/toolkit
Security Advisories
View known security vulnerabilities and report new vulnerabilities privately to maintainers.
-
Arbitrary File Write via artifact extractionGHSA-6q32-hq47-5qq3 published
Sep 2, 2024 by joshmgrossHigh -
Delimiter injection vulnerability in @actions/core exportVariableGHSA-7r3h-m5j6-3q42 published
Aug 12, 2022 by thboopModerate -
`add-path` and `set-env` Runner commands are processed via stdoutGHSA-mfwh-5m23-j46w published
Oct 1, 2020 by chrispatModerate