Vulnerabilidades en step-security
5 resultadosCVE-2024-52587LOWHarden-Runner has command injection weaknesses in `setup.ts` and `arc-runner.ts`EPSS 2.7%CVE-2026-25598MEDIUMBypassing Logging of Outbound Connections Using sendto, sendmsg, and sendmmsg in Harden-Runner (Community Tier)EPSS 0.3%CVE-2026-32947MEDIUMEgress Policy Bypass via DNS over HTTPS (DoH) in Harden-Runner (Community Tier)EPSS 0.3%CVE-2026-32946MEDIUMEgress Policy Bypass via DNS over TCP in Harden-Runner (Community Tier)EPSS 0.3%CVE-2025-32955MEDIUMHarden-Runner Evasion of 'disable-sudo' policyEPSS 0.2%