VDB
CVE-2022-35954
CVE-2022-35954
PUBLISHED
CVSS 5 MEDIUM
@actions/core has Delimiter Injection Vulnerability in exportVariable
EPSS 0.25% · 48.2th percentile
Risk Scores
CVSS 3.1
5
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N
EPSS Score
0.25%
48.2th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| actions | core | 0 |
| actions | toolkit | <= 1.9.0 |
| github | toolkit | 0 |
Timeline
- CVE Published
- Aug 14, 2022 EPSS Score
- Aug 18, 2022 PoC Published
- Sep 29, 2022 EPSS Score
- Nov 14, 2022 EPSS Score
- Dec 14, 2022 PoC Published
- Dec 30, 2022 EPSS Score
- Feb 14, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 1, 2023 EPSS Score
- May 17, 2023 EPSS Score
- Jul 2, 2023 EPSS Score