Filtered by vendor Actions\/artifact\/
Subscriptions
Total
1 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-42471 | 2 Actions\/artifact\/, Github | 3 Github Toolkit, Actions\/artifact, Actions Toolkit | 2025-01-23 | 7.3 High |
| actions/artifact is the GitHub ToolKit for developing GitHub Actions. Versions of `actions/artifact` on the 2.x branch before 2.1.2 are vulnerable to arbitrary file write when using `downloadArtifactInternal`, `downloadArtifactPublic`, or `streamExtractExternal` for extracting a specifically crafted artifact that contains path traversal filenames. Users are advised to upgrade to version 2.1.2 or higher. There are no known workarounds for this issue. | ||||
Page 1 of 1.