Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2025-30066 PoC — changed-files 安全漏洞

Source
https://github.com/OS-pedrogustavobilro/test-changed-files
Associated Vulnerability
Title:changed-files 安全漏洞 (CVE-2025-30066)
Description:tj-actions changed-files before 46 allows remote attackers to discover secrets by reading actions logs. (The tags v1 through v45.0.7 were affected on 2025-03-14 and 2025-03-15 because they were modified by a threat actor to point at commit 0e58ed8, which contained malicious updateFeatures code.)
Description
Test CVE-2025-30066
Readme
Check that [tj-actions/changed-files](https://github.com/tj-actions/changed-files) GitHub Action no longer [has malicious code](https://github.com/tj-actions/changed-files/issues/2464) that would dump memory content to the app, potentially leaking secrets. Security vulnerability report - https://www.cve.org/CVERecord?id=CVE-2025-30066
File Snapshot

 [4.0K]  /data/pocs/5f85a863c648ca4fdace54ebbaf29c04c5600dff
├── [   8]  dummy_file.txt
└── [ 336]  README.md

0 directories, 2 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →