CodeQL documentation
CodeQL resources

CWE coverage for GitHub Actions

An overview of CWE coverage for GitHub Actions in the latest release of CodeQL.

Overview

| CWE | Language | Query id | Query name |
| --- | --- | --- | --- |
| CWE-20 | GitHub Actions | actions/composite-action-sinks | Composite Action Sinks |
| CWE-20 | GitHub Actions | actions/composite-action-sources | Composite Action Sources |
| CWE-20 | GitHub Actions | actions/composite-action-summaries | Composite Action Summaries |
| CWE-20 | GitHub Actions | actions/reusable-workflow-sinks | Reusable Workflow Sinks |
| CWE-20 | GitHub Actions | actions/reusable-workflow-sources | Reusable Workflow Sources |
| CWE-20 | GitHub Actions | actions/reusable-workflow-summaries | Reusable Workflows Summaries |
| CWE-20 | GitHub Actions | actions/envpath-injection/critical | PATH environment variable built from user-controlled sources |
| CWE-20 | GitHub Actions | actions/envpath-injection/medium | PATH environment variable built from user-controlled sources |
| CWE-20 | GitHub Actions | actions/envvar-injection/critical | Environment variable built from user-controlled sources |
| CWE-20 | GitHub Actions | actions/envvar-injection/medium | Environment variable built from user-controlled sources |
| CWE-74 | GitHub Actions | actions/envpath-injection/critical | PATH environment variable built from user-controlled sources |
| CWE-74 | GitHub Actions | actions/envpath-injection/medium | PATH environment variable built from user-controlled sources |
| CWE-74 | GitHub Actions | actions/envvar-injection/critical | Environment variable built from user-controlled sources |
| CWE-74 | GitHub Actions | actions/envvar-injection/medium | Environment variable built from user-controlled sources |
| CWE-74 | GitHub Actions | actions/code-injection/critical | Code injection |
| CWE-74 | GitHub Actions | actions/code-injection/medium | Code injection |
| CWE-74 | GitHub Actions | actions/cache-poisoning/code-injection | Cache Poisoning via low-privileged code injection |
| CWE-74 | GitHub Actions | actions/output-clobbering/high | Output Clobbering |
| CWE-74 | GitHub Actions | actions/command-injection/critical | Command built from user-controlled sources |
| CWE-74 | GitHub Actions | actions/command-injection/medium | Command built from user-controlled sources |
| CWE-74 | GitHub Actions | actions/argument-injection/critical | Argument injection |
| CWE-74 | GitHub Actions | actions/argument-injection/medium | Argument injection |
| CWE-77 | GitHub Actions | actions/envpath-injection/critical | PATH environment variable built from user-controlled sources |
| CWE-77 | GitHub Actions | actions/envpath-injection/medium | PATH environment variable built from user-controlled sources |
| CWE-77 | GitHub Actions | actions/envvar-injection/critical | Environment variable built from user-controlled sources |
| CWE-77 | GitHub Actions | actions/envvar-injection/medium | Environment variable built from user-controlled sources |
| CWE-77 | GitHub Actions | actions/command-injection/critical | Command built from user-controlled sources |
| CWE-77 | GitHub Actions | actions/command-injection/medium | Command built from user-controlled sources |
| CWE-77 | GitHub Actions | actions/argument-injection/critical | Argument injection |
| CWE-77 | GitHub Actions | actions/argument-injection/medium | Argument injection |
| CWE-78 | GitHub Actions | actions/command-injection/critical | Command built from user-controlled sources |
| CWE-78 | GitHub Actions | actions/command-injection/medium | Command built from user-controlled sources |
| CWE-88 | GitHub Actions | actions/argument-injection/critical | Argument injection |
| CWE-88 | GitHub Actions | actions/argument-injection/medium | Argument injection |
| CWE-94 | GitHub Actions | actions/code-injection/critical | Code injection |
| CWE-94 | GitHub Actions | actions/code-injection/medium | Code injection |
| CWE-94 | GitHub Actions | actions/cache-poisoning/code-injection | Cache Poisoning via low-privileged code injection |
| CWE-95 | GitHub Actions | actions/code-injection/critical | Code injection |
| CWE-95 | GitHub Actions | actions/code-injection/medium | Code injection |
| CWE-116 | GitHub Actions | actions/code-injection/critical | Code injection |
| CWE-116 | GitHub Actions | actions/code-injection/medium | Code injection |
| CWE-200 | GitHub Actions | actions/secret-exfiltration | Secret exfiltration |
| CWE-284 | GitHub Actions | actions/improper-access-control | Improper Access Control |
| CWE-284 | GitHub Actions | actions/pr-on-self-hosted-runner | Pull Request code execution on self-hosted runner |
| CWE-285 | GitHub Actions | actions/improper-access-control | Improper Access Control |
| CWE-311 | GitHub Actions | actions/excessive-secrets-exposure | Excessive Secrets Exposure |
| CWE-311 | GitHub Actions | actions/secrets-in-artifacts | Storage of sensitive information in GitHub Actions artifact |
| CWE-311 | GitHub Actions | actions/unmasked-secret-exposure | Unmasked Secret Exposure |
| CWE-312 | GitHub Actions | actions/excessive-secrets-exposure | Excessive Secrets Exposure |
| CWE-312 | GitHub Actions | actions/secrets-in-artifacts | Storage of sensitive information in GitHub Actions artifact |
| CWE-312 | GitHub Actions | actions/unmasked-secret-exposure | Unmasked Secret Exposure |
| CWE-345 | GitHub Actions | actions/cache-poisoning/code-injection | Cache Poisoning via low-privileged code injection |
| CWE-345 | GitHub Actions | actions/cache-poisoning/direct-cache | Cache Poisoning via caching of untrusted files |
| CWE-345 | GitHub Actions | actions/cache-poisoning/poisonable-step | Cache Poisoning via execution of untrusted code |
| CWE-349 | GitHub Actions | actions/cache-poisoning/code-injection | Cache Poisoning via low-privileged code injection |
| CWE-349 | GitHub Actions | actions/cache-poisoning/direct-cache | Cache Poisoning via caching of untrusted files |
| CWE-349 | GitHub Actions | actions/cache-poisoning/poisonable-step | Cache Poisoning via execution of untrusted code |
| CWE-362 | GitHub Actions | actions/untrusted-checkout-toctou/critical | Untrusted Checkout TOCTOU |
| CWE-362 | GitHub Actions | actions/untrusted-checkout-toctou/high | Untrusted Checkout TOCTOU |
| CWE-367 | GitHub Actions | actions/untrusted-checkout-toctou/critical | Untrusted Checkout TOCTOU |
| CWE-367 | GitHub Actions | actions/untrusted-checkout-toctou/high | Untrusted Checkout TOCTOU |
| CWE-441 | GitHub Actions | actions/request-forgery | Uncontrolled data used in network request |
| CWE-610 | GitHub Actions | actions/request-forgery | Uncontrolled data used in network request |
| CWE-664 | GitHub Actions | actions/code-injection/critical | Code injection |
| CWE-664 | GitHub Actions | actions/code-injection/medium | Code injection |
| CWE-664 | GitHub Actions | actions/improper-access-control | Improper Access Control |
| CWE-664 | GitHub Actions | actions/excessive-secrets-exposure | Excessive Secrets Exposure |
| CWE-664 | GitHub Actions | actions/secrets-in-artifacts | Storage of sensitive information in GitHub Actions artifact |
| CWE-664 | GitHub Actions | actions/unmasked-secret-exposure | Unmasked Secret Exposure |
| CWE-664 | GitHub Actions | actions/cache-poisoning/code-injection | Cache Poisoning via low-privileged code injection |
| CWE-664 | GitHub Actions | actions/artifact-poisoning/critical | Artifact poisoning |
| CWE-664 | GitHub Actions | actions/artifact-poisoning/medium | Artifact poisoning |
| CWE-664 | GitHub Actions | actions/unpinned-tag | Unpinned tag for a non-immutable Action in workflow |
| CWE-664 | GitHub Actions | actions/untrusted-checkout/critical | Checkout of untrusted code in a privileged context |
| CWE-664 | GitHub Actions | actions/untrusted-checkout/high | Checkout of untrusted code in trusted context |
| CWE-664 | GitHub Actions | actions/untrusted-checkout/medium | Checkout of untrusted code in trusted context |
| CWE-664 | GitHub Actions | actions/secret-exfiltration | Secret exfiltration |
| CWE-664 | GitHub Actions | actions/pr-on-self-hosted-runner | Pull Request code execution on self-hosted runner |
| CWE-664 | GitHub Actions | actions/artifact-poisoning/path-traversal | Artifact Poisoning (Path Traversal). |
| CWE-664 | GitHub Actions | actions/unversioned-immutable-action | Unversioned Immutable Action |
| CWE-664 | GitHub Actions | actions/request-forgery | Uncontrolled data used in network request |
| CWE-668 | GitHub Actions | actions/secret-exfiltration | Secret exfiltration |
| CWE-669 | GitHub Actions | actions/artifact-poisoning/critical | Artifact poisoning |
| CWE-669 | GitHub Actions | actions/artifact-poisoning/medium | Artifact poisoning |
| CWE-669 | GitHub Actions | actions/unpinned-tag | Unpinned tag for a non-immutable Action in workflow |
| CWE-669 | GitHub Actions | actions/untrusted-checkout/critical | Checkout of untrusted code in a privileged context |
| CWE-669 | GitHub Actions | actions/untrusted-checkout/high | Checkout of untrusted code in trusted context |
| CWE-669 | GitHub Actions | actions/untrusted-checkout/medium | Checkout of untrusted code in trusted context |
| CWE-669 | GitHub Actions | actions/artifact-poisoning/path-traversal | Artifact Poisoning (Path Traversal). |
| CWE-669 | GitHub Actions | actions/unversioned-immutable-action | Unversioned Immutable Action |
| CWE-691 | GitHub Actions | actions/code-injection/critical | Code injection |
| CWE-691 | GitHub Actions | actions/code-injection/medium | Code injection |
| CWE-691 | GitHub Actions | actions/cache-poisoning/code-injection | Cache Poisoning via low-privileged code injection |
| CWE-691 | GitHub Actions | actions/untrusted-checkout-toctou/critical | Untrusted Checkout TOCTOU |
| CWE-691 | GitHub Actions | actions/untrusted-checkout-toctou/high | Untrusted Checkout TOCTOU |
| CWE-693 | GitHub Actions | actions/composite-action-sinks | Composite Action Sinks |
| CWE-693 | GitHub Actions | actions/composite-action-sources | Composite Action Sources |
| CWE-693 | GitHub Actions | actions/composite-action-summaries | Composite Action Summaries |
| CWE-693 | GitHub Actions | actions/reusable-workflow-sinks | Reusable Workflow Sinks |
| CWE-693 | GitHub Actions | actions/reusable-workflow-sources | Reusable Workflow Sources |
| CWE-693 | GitHub Actions | actions/reusable-workflow-summaries | Reusable Workflows Summaries |
| CWE-693 | GitHub Actions | actions/envpath-injection/critical | PATH environment variable built from user-controlled sources |
| CWE-693 | GitHub Actions | actions/envpath-injection/medium | PATH environment variable built from user-controlled sources |
| CWE-693 | GitHub Actions | actions/envvar-injection/critical | Environment variable built from user-controlled sources |
| CWE-693 | GitHub Actions | actions/envvar-injection/medium | Environment variable built from user-controlled sources |
| CWE-693 | GitHub Actions | actions/improper-access-control | Improper Access Control |
| CWE-693 | GitHub Actions | actions/excessive-secrets-exposure | Excessive Secrets Exposure |
| CWE-693 | GitHub Actions | actions/secrets-in-artifacts | Storage of sensitive information in GitHub Actions artifact |
| CWE-693 | GitHub Actions | actions/unmasked-secret-exposure | Unmasked Secret Exposure |
| CWE-693 | GitHub Actions | actions/cache-poisoning/code-injection | Cache Poisoning via low-privileged code injection |
| CWE-693 | GitHub Actions | actions/cache-poisoning/direct-cache | Cache Poisoning via caching of untrusted files |
| CWE-693 | GitHub Actions | actions/cache-poisoning/poisonable-step | Cache Poisoning via execution of untrusted code |
| CWE-693 | GitHub Actions | actions/pr-on-self-hosted-runner | Pull Request code execution on self-hosted runner |
| CWE-707 | GitHub Actions | actions/envpath-injection/critical | PATH environment variable built from user-controlled sources |
| CWE-707 | GitHub Actions | actions/envpath-injection/medium | PATH environment variable built from user-controlled sources |
| CWE-707 | GitHub Actions | actions/envvar-injection/critical | Environment variable built from user-controlled sources |
| CWE-707 | GitHub Actions | actions/envvar-injection/medium | Environment variable built from user-controlled sources |
| CWE-707 | GitHub Actions | actions/code-injection/critical | Code injection |
| CWE-707 | GitHub Actions | actions/code-injection/medium | Code injection |
| CWE-707 | GitHub Actions | actions/cache-poisoning/code-injection | Cache Poisoning via low-privileged code injection |
| CWE-707 | GitHub Actions | actions/output-clobbering/high | Output Clobbering |
| CWE-707 | GitHub Actions | actions/command-injection/critical | Command built from user-controlled sources |
| CWE-707 | GitHub Actions | actions/command-injection/medium | Command built from user-controlled sources |
| CWE-707 | GitHub Actions | actions/argument-injection/critical | Argument injection |
| CWE-707 | GitHub Actions | actions/argument-injection/medium | Argument injection |
| CWE-829 | GitHub Actions | actions/artifact-poisoning/critical | Artifact poisoning |
| CWE-829 | GitHub Actions | actions/artifact-poisoning/medium | Artifact poisoning |
| CWE-829 | GitHub Actions | actions/unpinned-tag | Unpinned tag for a non-immutable Action in workflow |
| CWE-829 | GitHub Actions | actions/untrusted-checkout/critical | Checkout of untrusted code in a privileged context |
| CWE-829 | GitHub Actions | actions/untrusted-checkout/high | Checkout of untrusted code in trusted context |
| CWE-829 | GitHub Actions | actions/untrusted-checkout/medium | Checkout of untrusted code in trusted context |
| CWE-829 | GitHub Actions | actions/artifact-poisoning/path-traversal | Artifact Poisoning (Path Traversal). |
| CWE-829 | GitHub Actions | actions/unversioned-immutable-action | Unversioned Immutable Action |
| CWE-913 | GitHub Actions | actions/code-injection/critical | Code injection |
| CWE-913 | GitHub Actions | actions/code-injection/medium | Code injection |
| CWE-913 | GitHub Actions | actions/cache-poisoning/code-injection | Cache Poisoning via low-privileged code injection |
| CWE-918 | GitHub Actions | actions/request-forgery | Uncontrolled data used in network request |
| CWE-922 | GitHub Actions | actions/excessive-secrets-exposure | Excessive Secrets Exposure |
| CWE-922 | GitHub Actions | actions/secrets-in-artifacts | Storage of sensitive information in GitHub Actions artifact |
| CWE-922 | GitHub Actions | actions/unmasked-secret-exposure | Unmasked Secret Exposure |
| CWE-1395 | GitHub Actions | actions/vulnerable-action | Use of a known vulnerable action |
