PT-2024-40157 — Github-Slug-Action

PT-2024-40157 · Github · Github-Slug-Action

Published

2024-02-03

Updated

2024-02-03

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.

Name of the Vulnerable Software and Affected Versions: github-slug-action versions prior to 1.1.1 github-slug-action versions prior to 2.1.1

Description: The issue is related to the use of set-env runner commands processed via stdout. It is recommended to upgrade to a version that uses the Environment File Syntax.

Recommendations: For versions prior to 1.1.1, upgrade to version 1.1.1 or later. For versions prior to 2.1.1, upgrade to version 2.1.1 or later.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

GHSA-7F32-HM4H-W77Q

Affected Products

Github-Slug-Action

Related Identifiers

Affected Products

References · 3