CVE-2020-14188
CVE-2020-14188
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS —EPSS 2.8%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
09 Nov 2020Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
The preprocessArgs function in the Atlassian gajira-create GitHub Action before version 2.0.1 allows remote attackers to execute arbitrary code in the context of a GitHub runner by creating a specially crafted GitHub issue.
Affected products
Atlassian · gajira-createWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →