Vulnerabilities > TJ Actions
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-29 | CVE-2023-52137 | Command Injection vulnerability in Tj-Actions Verify-Changed-Files The [`tj-actions/verify-changed-files`](https://github.com/tj-actions/verify-changed-files) action allows for command injection in changed filenames, allowing an attacker to execute arbitrary code and potentially leak secrets. | 8.8 |
| 2023-12-27 | CVE-2023-51664 | Command Injection vulnerability in Tj-Actions Changed-Files tj-actions/changed-files is a Github action to retrieve all files and directories. | 9.8 |
| 2023-12-05 | CVE-2023-49291 | Unspecified vulnerability in Tj-Actions Branch-Names tj-actions/branch-names is a Github action to retrieve branch or tag names with support for all events. | 9.8 |