Vulnerabilities > GIT TAG Annotation Action Project
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-10-26 | CVE-2020-15272 | Unspecified vulnerability in Git-Tag-Annotation-Action Project Git-Tag-Annotation-Action 1.0.0 In the git-tag-annotation-action (open source GitHub Action) before version 1.0.1, an attacker can execute arbitrary (*) shell commands if they can control the value of [the `tag` input] or manage to alter the value of [the `GITHUB_REF` environment variable]. | 9.6 |