The tj-actions/verify-changed-files action allows for command injection in changed filenames, allowing an attacker to execute arbitrary code and potentially leak secrets. The verify-changed-files workflow returns the list of files changed within a workflow execution. This could potentially allow filenames that contain special characters such as `;`, which can be used by an attacker to take over the GitHub Runner if the output value is used in a raw fashion (thus being directly replaced before execution) inside a run block. By running custom commands, an attacker may be able to steal secrets such as GITHUB_TOKEN if triggered on events other than pull_request.
This has been patched in versions 17 and 17.0.0 by enabling safe_output by default and returning filename paths with special characters escaped for bash environments.
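To make the raw-substitution problem and the escaping fix concrete, here is an added example (not the action's own code): `SAMPLE_FILES` is a constructed changed-files list containing one crafted name, `unsafe_use` mimics a `run:` step that interpolates the output directly, and the hypothetical helpers `escape_path`/`escape_list` apply the single-quote escaping that the fix's safe_output mode is described as doing.

```shell
#!/bin/sh
# Added example; the escaping helpers below are illustrative, not the
# implementation shipped in tj-actions/verify-changed-files.

# Constructed sample output: one path per line, as the action emits it.
# The third entry is a filename that carries a shell metacharacter.
SAMPLE_FILES="src/app.js
README.md
note.txt; echo INJECTED"

# Escape a single path for reuse on a bash/sh command line: wrap it in
# single quotes and turn any embedded single quote into '\'' .
escape_path() {
  printf "'%s'" "$(printf '%s' "$1" | sed "s/'/'\\\\''/g")"
}

# Escape a newline-separated list into a space-separated, shell-safe list.
escape_list() {
  printf '%s\n' "$1" | while IFS= read -r f; do
    [ -n "$f" ] || continue
    printf '%s ' "$(escape_path "$f")"
  done
}

# Models `run: printf '%s\n' ${{ steps.x.outputs.changed_files }}`: the raw
# output is pasted into the script text before the shell parses it, so the
# `;` ends the first command and the rest of the filename runs on its own.
unsafe_use() {
  raw=$(printf '%s' "$1" | tr '\n' ' ')
  eval "printf '%s\n' $raw"
}

# Same step with the escaped list: each path stays one literal argument,
# and the crafted name is printed rather than executed.
safe_use() {
  eval "printf '%s\n' $(escape_list "$1")"
}

# Workflow-side defence, independent of the action's escaping: pass the
# output through an `env:` variable and expand it as "$CHANGED" in `run:`
# instead of interpolating ${{ }} into the script body.
```

With the sample list, `unsafe_use` prints a fourth line, `INJECTED`, because the crafted name was executed; `safe_use` prints exactly three lines with the crafted name intact.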
The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Verify-changed-files | Tj-actions | * | 17.0.0 (excluding) |
Command injection vulnerabilities typically occur when:
Many protocols and products have their own custom command language. While OS or shell command strings are frequently discovered and targeted, developers may not realize that these other command languages might also be vulnerable to attacks. Command injection is a common problem with wrapper programs.