Actions Toolkit

4 CVEs affecting Actions Toolkit. Latest disclosed: 2025-06-09. Critical: 0, High: 1.

Top CVEs affecting Actions Toolkit
CVESeverityScorePublishedSummary
CVE-2024-42471High7.32024-09-02actions/artifact is the GitHub ToolKit for developing GitHub Actions. Versions of `actions/artifact` on the 2.x branch before 2.1.2 are vulnerable to arbitrar…
CVE-2022-35954Medium5.02022-08-15The GitHub Actions ToolKit provides a set of packages to make creating actions easier. The `core.exportVariable` function uses a well known delimiter that atta…
CVE-2025-5890Medium4.32025-06-09A vulnerability classified as problematic has been found in actions toolkit 0.5.0. This affects the function globEscape of the file toolkit/packages/glob/src/i…
CVE-2020-15228Low3.52020-10-01In the `@actions/core` npm module before version 1.2.6,`addPath` and `exportVariable` functions communicate with the Actions Runner over stdout by generating a…