{
  "vulnerability": "CVE-2025-3147",
  "sightings": [
    {
      "uuid": "85bd3a7d-7fc1-4d7d-8a16-770d9687b563",
      "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd",
      "author": "9f56dd64-161d-43a6-b9c3-555944290a09",
      "vulnerability": "CVE-2025-31478",
      "type": "seen",
      "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lmxo5cirug2r",
      "content": "",
      "creation_timestamp": "2025-04-16T22:44:20.449677Z"
    },
    {
      "uuid": "5f07cbb7-3e70-4642-9466-303272abd149",
      "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd",
      "author": "9f56dd64-161d-43a6-b9c3-555944290a09",
      "vulnerability": "CVE-2025-31479",
      "type": "seen",
      "source": "https://infosec.exchange/users/cR0w/statuses/114270632021246470",
      "content": "",
      "creation_timestamp": "2025-04-02T22:04:31.238733Z"
    },
    {
      "uuid": "f0f8164e-2a55-4360-b031-feba5eb32cae",
      "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd",
      "author": "9f56dd64-161d-43a6-b9c3-555944290a09",
      "vulnerability": "CVE-2025-31479",
      "type": "seen",
      "source": "https://infosec.exchange/users/cR0w/statuses/114270632021246470",
      "content": "",
      "creation_timestamp": "2025-04-02T22:04:31.252184Z"
    },
    {
      "uuid": "0fadd44c-3d8a-4b73-a9ff-a974bc13d7fd",
      "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd",
      "author": "9f56dd64-161d-43a6-b9c3-555944290a09",
      "vulnerability": "CVE-2025-31477",
      "type": "seen",
      "source": "https://infosec.exchange/users/cR0w/statuses/114270641178668879",
      "content": "",
      "creation_timestamp": "2025-04-02T22:06:50.774042Z"
    },
    {
      "uuid": "3c3225ff-4343-4e28-9c3d-d404534330e4",
      "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd",
      "author": "9f56dd64-161d-43a6-b9c3-555944290a09",
      "vulnerability": "CVE-2025-31477",
      "type": "seen",
      "source": "https://infosec.exchange/users/cR0w/statuses/114270641178668879",
      "content": "",
      "creation_timestamp": "2025-04-02T22:06:50.789815Z"
    },
    {
      "uuid": "5bb0f938-9982-43be-99e6-49b0f1c75c15",
      "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd",
      "author": "9f56dd64-161d-43a6-b9c3-555944290a09",
      "vulnerability": "CVE-2025-31477",
      "type": "seen",
      "source": "https://bsky.app/profile/cyberalerts.bsky.social/post/3lluhff4g662h",
      "content": "",
      "creation_timestamp": "2025-04-02T22:40:23.396875Z"
    },
    {
      "uuid": "3ab6ac38-db7a-4da4-a167-c884f39a47e6",
      "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd",
      "author": "9f56dd64-161d-43a6-b9c3-555944290a09",
      "vulnerability": "CVE-2025-31479",
      "type": "seen",
      "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lluikupzg52k",
      "content": "",
      "creation_timestamp": "2025-04-02T23:01:23.816841Z"
    },
    {
      "uuid": "da8eb346-931e-47a7-9fe0-a06121959583",
      "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd",
      "author": "9f56dd64-161d-43a6-b9c3-555944290a09",
      "vulnerability": "CVE-2025-31477",
      "type": "seen",
      "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lluikutdzb2o",
      "content": "",
      "creation_timestamp": "2025-04-02T23:01:24.702716Z"
    },
    {
      "uuid": "d60f82af-ba76-4cba-b238-2c646e97b47b",
      "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd",
      "author": "9f56dd64-161d-43a6-b9c3-555944290a09",
      "vulnerability": "CVE-2025-31479",
      "type": "seen",
      "source": "https://mastodon.social/users/CyberSignaler/statuses/114271041132793130",
      "content": "",
      "creation_timestamp": "2025-04-02T23:48:33.462365Z"
    },
    {
      "uuid": "0530a1f9-6318-4417-84d4-fa2f2274ce8a",
      "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd",
      "author": "9f56dd64-161d-43a6-b9c3-555944290a09",
      "vulnerability": "CVE-2025-31479",
      "type": "seen",
      "source": "https://mastodon.social/users/CyberSignaler/statuses/114271041132793130",
      "content": "",
      "creation_timestamp": "2025-04-02T23:48:33.467381Z"
    },
    {
      "uuid": "7fcc948a-3782-42e7-966d-70e39590d8ae",
      "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd",
      "author": "9f56dd64-161d-43a6-b9c3-555944290a09",
      "vulnerability": "CVE-2025-31478",
      "type": "seen",
      "source": "https://mastodon.social/users/CyberSignaler/statuses/114350548475440645",
      "content": "",
      "creation_timestamp": "2025-04-17T00:48:19.235967Z"
    },
    {
      "uuid": "51a87e0a-6299-499a-8342-b82e5010c8b7",
      "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd",
      "author": "9f56dd64-161d-43a6-b9c3-555944290a09",
      "vulnerability": "CVE-2025-31477",
      "type": "published-proof-of-concept",
      "source": "https://t.me/DarkWebInformer_CVEAlerts/10143",
      "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-31477\n\ud83d\udd25 CVSS Score: 9.3 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: The Tauri shell plugin allows access to the system shell. Prior to 2.2.1, the Tauri shell plugin exposes functionality to execute code and open programs on the system. The open endpoint of this plugin is designed to allow open functionality with the system opener (e.g. xdg-open on Linux). This was meant to be restricted to a reasonable number of protocols like https or mailto by default. This default restriction was not functional due to improper validation of the allowed protocols, allowing for potentially dangerous protocols like file://, smb://, or nfs:// and others to be opened by the system registered protocol handler. By passing untrusted user input to the open endpoint these potentially dangerous protocols can be abused to gain remote code execution on the system. This either requires direct exposure of the endpoint to application users or code execution in the frontend of a Tauri application. This vulnerability is fixed in 2.2.1.\n\ud83d\udccf Published: 2025-04-02T21:10:14.264Z\n\ud83d\udccf Modified: 2025-04-02T21:10:14.264Z\n\ud83d\udd17 References:\n1. https://github.com/tauri-apps/plugins-workspace/security/advisories/GHSA-c9pr-q8gx-3mgp\n2. https://github.com/tauri-apps/plugins-workspace/commit/9cf0390a52497e273db1a1b613a0e26827aa327c",
      "creation_timestamp": "2025-04-02T21:34:12.000000Z"
    },
    {
      "uuid": "a68f1faa-a396-48df-a7fb-cb09570b0d08",
      "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd",
      "author": "9f56dd64-161d-43a6-b9c3-555944290a09",
      "vulnerability": "CVE-2025-31472",
      "type": "published-proof-of-concept",
      "source": "https://t.me/DarkWebInformer_CVEAlerts/9364",
      "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-31472\n\ud83d\udd25 CVSS Score: 5.9 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Michele Marri Flatty allows Stored XSS. This issue affects Flatty: from n/a through 2.0.0.\n\ud83d\udccf Published: 2025-03-28T11:54:03.559Z\n\ud83d\udccf Modified: 2025-03-28T15:21:43.545Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/flatty-flat-admin-theme/vulnerability/wordpress-flatty-2-0-0-cross-site-scripting-xss-vulnerability?_s_id=cve",
      "creation_timestamp": "2025-03-28T15:28:32.000000Z"
    },
    {
      "uuid": "e5c4047e-9768-4af1-adb1-3bec13d4f66d",
      "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd",
      "author": "9f56dd64-161d-43a6-b9c3-555944290a09",
      "vulnerability": "CVE-2025-3147",
      "type": "published-proof-of-concept",
      "source": "https://t.me/DarkWebInformer_CVEAlerts/10188",
      "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-3147\n\ud83d\udd25 CVSS Score: 6.9 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability has been found in PHPGurukul Boat Booking System 1.0 and classified as critical. This vulnerability affects unknown code of the file /add-subadmin.php. The manipulation of the argument sadminusername leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.\n\ud83d\udccf Published: 2025-04-03T07:00:15.154Z\n\ud83d\udccf Modified: 2025-04-03T07:00:15.154Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.303052\n2. https://vuldb.com/?ctiid.303052\n3. https://vuldb.com/?submit.525388\n4. https://github.com/nabiland/cve/issues/2\n5. https://phpgurukul.com/",
      "creation_timestamp": "2025-04-03T07:34:24.000000Z"
    },
    {
      "uuid": "dff02805-8166-46b0-9493-73767f64423a",
      "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd",
      "author": "9f56dd64-161d-43a6-b9c3-555944290a09",
      "vulnerability": "CVE-2025-31479",
      "type": "published-proof-of-concept",
      "source": "https://t.me/DarkWebInformer_CVEAlerts/10144",
      "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-31479\n\ud83d\udd25 CVSS Score: 8.2 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:H/A:H)\n\ud83d\udd39 Description: canonical/get-workflow-version-action is a GitHub composite action to get commit SHA that GitHub Actions reusable workflow was called with. Prior to 1.0.1, if the get-workflow-version-action step fails, the exception output may include the GITHUB_TOKEN. If the full token is included in the exception output, GitHub will automatically redact the secret from the GitHub Actions logs. However, the token may be truncated\u2014causing part of the GITHUB_TOKEN to be displayed in plaintext in the GitHub Actions logs. Anyone with read access to the GitHub repository can view GitHub Actions logs. For public repositories, anyone can view the GitHub Actions logs. The opportunity to exploit this vulnerability is limited\u2014the GITHUB_TOKEN is automatically revoked when the job completes. However, there is an opportunity for an attack in the time between the GITHUB_TOKEN being displayed in the logs and the completion of the job. Users using the github-token input are impacted. This vulnerability is fixed in 1.0.1.\n\ud83d\udccf Published: 2025-04-02T21:09:34.354Z\n\ud83d\udccf Modified: 2025-04-02T21:09:34.354Z\n\ud83d\udd17 References:\n1. https://github.com/canonical/get-workflow-version-action/security/advisories/GHSA-26wh-cc3r-w6pj\n2. https://github.com/canonical/get-workflow-version-action/issues/2\n3. https://github.com/canonical/get-workflow-version-action/commit/88281a62e96e1c0ef4df30352ae0668a9f3e3369",
      "creation_timestamp": "2025-04-02T21:34:13.000000Z"
    },
    {
      "uuid": "5af501e4-3533-44b1-826a-4be20ee19730",
      "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd",
      "author": "9f56dd64-161d-43a6-b9c3-555944290a09",
      "vulnerability": "CVE-2025-31472",
      "type": "seen",
      "source": "https://t.me/cvedetector/21424",
      "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-31472 - Flatty Stored Cross-Site Scripting\", \n  \"Content\": \"CVE ID : CVE-2025-31472 \nPublished : March 28, 2025, 12:15 p.m. | 2\u00a0hours, 7\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Michele Marri Flatty allows Stored XSS. This issue affects Flatty: from n/a through 2.0.0. \nSeverity: 5.9 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"28 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39",
      "creation_timestamp": "2025-03-28T16:04:48.000000Z"
    },
    {
      "uuid": "e8ac3136-7eb9-47a5-bebf-336a9061b30a",
      "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd",
      "author": "9f56dd64-161d-43a6-b9c3-555944290a09",
      "vulnerability": "CVE-2025-31476",
      "type": "published-proof-of-concept",
      "source": "https://t.me/DarkWebInformer_CVEAlerts/18231",
      "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-31476\n\ud83d\udd25 CVSS Score: 4.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N)\n\ud83d\udd39 Description: tarteaucitron.js is a compliant and accessible cookie banner. A vulnerability was identified in tarteaucitron.js, allowing a user with high privileges (access to the site's source code or a CMS plugin) to enter a URL containing an insecure scheme such as javascript:alert(). Before the fix, URL validation was insufficient, which could allow arbitrary JavaScript execution if a user clicked on a malicious link. An attacker with high privileges could insert a link exploiting an insecure URL scheme, leading to execution of arbitrary JavaScript code, theft of sensitive data through phishing attacks, or modification of the user interface behavior. This vulnerability is fixed in 1.20.1.\n\ud83d\udccf Published: 2025-04-07T14:52:12.728Z\n\ud83d\udccf Modified: 2025-06-12T21:03:38.700Z\n\ud83d\udd17 References:\n1. https://github.com/AmauriC/tarteaucitron.js/security/advisories/GHSA-p5g4-v748-6fh8\n2. https://github.com/AmauriC/tarteaucitron.js/commit/2fa1e01023bce2e4b813200600bb1619d56ceb02",
      "creation_timestamp": "2025-06-12T21:34:38.000000Z"
    },
    {
      "uuid": "9cc28267-1d2b-4496-af77-15b95aae5913",
      "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd",
      "author": "9f56dd64-161d-43a6-b9c3-555944290a09",
      "vulnerability": "CVE-2025-31478",
      "type": "seen",
      "source": "https://t.me/cvedetector/23203",
      "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-31478 - Zulip Unauthenticated Account Creation Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-31478 \nPublished : April 16, 2025, 10:15 p.m. | 1\u00a0hour, 39\u00a0minutes ago \nDescription : Zulip is an open-source team collaboration tool. Zulip supports a configuration where account creation is limited solely by being able to authenticate with a single-sign on authentication backend, meaning the organization places no restrictions on email address domains or invitations being required to join, but has disabled the EmailAuthBackend that is used for email/password authentication. A bug in the Zulip server means that it is possible to create an account in such organizations, without having an account with the configured SSO authentication backend. This issue is patched in version 10.2. A workaround includes requiring invitations to join the organization prevents the vulnerability from being accessed. \nSeverity: 8.2 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39",
      "creation_timestamp": "2025-04-17T02:06:42.000000Z"
    },
    {
      "uuid": "a5324e09-3e89-4120-ae25-719b2eff5719",
      "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd",
      "author": "9f56dd64-161d-43a6-b9c3-555944290a09",
      "vulnerability": "CVE-2025-31477",
      "type": "seen",
      "source": "https://t.me/cvedetector/21916",
      "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-31477 - Tauri Shell Plugin Remote Code Execution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-31477 \nPublished : April 2, 2025, 10:15 p.m. | 20\u00a0minutes ago \nDescription : The Tauri shell plugin allows access to the system shell. Prior to 2.2.1, the Tauri shell plugin exposes functionality to execute code and open programs on the system. The open endpoint of this plugin is designed to allow open functionality with the system opener (e.g. xdg-open on Linux). This was meant to be restricted to a reasonable number of protocols like https or mailto by default. This default restriction was not functional due to improper validation of the allowed protocols, allowing for potentially dangerous protocols like file://, smb://, or nfs:// and others to be opened by the system registered protocol handler. By passing untrusted user input to the open endpoint these potentially dangerous protocols can be abused to gain remote code execution on the system. This either requires direct exposure of the endpoint to application users or code execution in the frontend of a Tauri application. This vulnerability is fixed in 2.2.1. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"03 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39",
      "creation_timestamp": "2025-04-03T01:01:23.000000Z"
    },
    {
      "uuid": "3ec37ea7-49cf-4692-a6d1-404d355a718f",
      "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd",
      "author": "9f56dd64-161d-43a6-b9c3-555944290a09",
      "vulnerability": "CVE-2025-31471",
      "type": "seen",
      "source": "https://t.me/cvedetector/21423",
      "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-31471 - Falcon Solutions Duplicate Page and Post Stored Cross-site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-31471 \nPublished : March 28, 2025, 12:15 p.m. | 2\u00a0hours, 7\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Falcon Solutions Duplicate Page and Post allows Stored XSS. This issue affects Duplicate Page and Post: from n/a through 1.0. \nSeverity: 5.9 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"28 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39",
      "creation_timestamp": "2025-03-28T16:04:47.000000Z"
    },
    {
      "uuid": "1bb98b29-0c5e-4a65-97b1-54326f0c45d0",
      "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd",
      "author": "9f56dd64-161d-43a6-b9c3-555944290a09",
      "vulnerability": "CVE-2025-31470",
      "type": "seen",
      "source": "https://t.me/cvedetector/21422",
      "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-31470 - FancyThemes Page Takeover Stored Cross-site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-31470 \nPublished : March 28, 2025, 12:15 p.m. | 2\u00a0hours, 7\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in FancyThemes Page Takeover allows Stored XSS. This issue affects Page Takeover: from n/a through 1.1.6. \nSeverity: 5.9 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"28 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39",
      "creation_timestamp": "2025-03-28T16:04:46.000000Z"
    },
    {
      "uuid": "83d2e6c7-bb41-449e-9f94-7bd650c06317",
      "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd",
      "author": "9f56dd64-161d-43a6-b9c3-555944290a09",
      "vulnerability": "CVE-2025-31474",
      "type": "seen",
      "source": "https://t.me/cvedetector/21419",
      "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-31474 - Matthewprice1178 WP Database Optimizer CSRF Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-31474 \nPublished : March 28, 2025, 12:15 p.m. | 2\u00a0hours, 7\u00a0minutes ago \nDescription : Cross-Site Request Forgery (CSRF) vulnerability in matthewprice1178 WP Database Optimizer allows Cross Site Request Forgery. This issue affects WP Database Optimizer: from n/a through 1.2.1.3. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"28 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39",
      "creation_timestamp": "2025-03-28T16:04:41.000000Z"
    },
    {
      "uuid": "6a53a968-0f23-4422-adb3-26691535705a",
      "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd",
      "author": "9f56dd64-161d-43a6-b9c3-555944290a09",
      "vulnerability": "CVE-2025-31473",
      "type": "seen",
      "source": "https://t.me/cvedetector/21418",
      "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-31473 - WordPress Database Optimizer Cross-Site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-31473 \nPublished : March 28, 2025, 12:15 p.m. | 2\u00a0hours, 7\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in matthewprice1178 WP Database Optimizer allows Stored XSS. This issue affects WP Database Optimizer: from n/a through 1.2.1.3. \nSeverity: 5.9 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"28 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39",
      "creation_timestamp": "2025-03-28T16:04:40.000000Z"
    },
    {
      "uuid": "754088e6-2279-459c-933f-ec8dea5200ce",
      "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd",
      "author": "9f56dd64-161d-43a6-b9c3-555944290a09",
      "vulnerability": "CVE-2025-31479",
      "type": "seen",
      "source": "https://t.me/cvedetector/21917",
      "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-31479 - GitHub Get-Workflow-Version-Action Token Truncation Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-31479 \nPublished : April 2, 2025, 10:15 p.m. | 20\u00a0minutes ago \nDescription : canonical/get-workflow-version-action is a GitHub composite action to get commit SHA that GitHub Actions reusable workflow was called with. Prior to 1.0.1, if the get-workflow-version-action step fails, the exception output may include the GITHUB_TOKEN. If the full token is included in the exception output, GitHub will automatically redact the secret from the GitHub Actions logs. However, the token may be truncated\u2014causing part of the GITHUB_TOKEN to be displayed in plaintext in the GitHub Actions logs. Anyone with read access to the GitHub repository can view GitHub Actions logs. For public repositories, anyone can view the GitHub Actions logs. The opportunity to exploit this vulnerability is limited\u2014the GITHUB_TOKEN is automatically revoked when the job completes. However, there is an opportunity for an attack in the time between the GITHUB_TOKEN being displayed in the logs and the completion of the job. Users using the github-token input are impacted. This vulnerability is fixed in 1.0.1. \nSeverity: 8.2 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"03 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39",
      "creation_timestamp": "2025-04-03T01:01:24.000000Z"
    },
    {
      "uuid": "24259382-4d94-450a-91f2-20d7d94bd8a0",
      "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd",
      "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385",
      "vulnerability": "CVE-2025-31477",
      "type": "published-proof-of-concept",
      "source": "https://github.com/tauri-apps/plugins-workspace/security/advisories/GHSA-c9pr-q8gx-3mgp",
      "content": "",
      "creation_timestamp": "2025-04-02T09:40:52.000000Z"
    },
    {
      "uuid": "261016f1-2ab9-4bf1-b94d-f41eff9d71a2",
      "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd",
      "author": "9f56dd64-161d-43a6-b9c3-555944290a09",
      "vulnerability": "CVE-2025-3147",
      "type": "published-proof-of-concept",
      "source": "Telegram/LIdFABEsmgRONqCXACjX-IG53KiWfy5qVv_Cpf73l1KRWUI",
      "content": "",
      "creation_timestamp": "2025-04-03T09:30:50.000000Z"
    }
  ]
}