VDB

CVE-2022-35954

CVE-2022-35954 PUBLISHED CVSS 5 MEDIUM

@actions/core has Delimiter Injection Vulnerability in exportVariable

EPSS 0.25% · 48.2th percentile

Risk Scores

CVSS 3.1
5
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N
EPSS Score
0.25%
48.2th percentile

Affected Products

VendorProductVersions
actionscore0
actionstoolkit<= 1.9.0
githubtoolkit0

Timeline

  • CVE Published
  • Aug 14, 2022 EPSS Score
  • Aug 18, 2022 PoC Published
  • Sep 29, 2022 EPSS Score
  • Nov 14, 2022 EPSS Score
  • Dec 14, 2022 PoC Published
  • Dec 30, 2022 EPSS Score
  • Feb 14, 2023 EPSS Score
  • Mar 7, 2023 EPSS Score
  • Apr 1, 2023 EPSS Score
  • May 17, 2023 EPSS Score
  • Jul 2, 2023 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›