CVE-2023-51664
📋 TL;DR
CVE-2023-51664 is a command injection vulnerability in the tj-actions/changed-files GitHub Action that allows attackers to execute arbitrary commands on GitHub Runners by manipulating changed filenames. This can lead to secret leakage, repository compromise, and unauthorized access to CI/CD pipelines. Anyone using vulnerable versions of this GitHub Action in their workflows is affected.
💻 Affected Systems
- tj-actions/changed-files GitHub Action
📦 What is this software?
Changed Files by Tj Actions: a GitHub Action that lists the files and directories changed in a push or pull request so that later workflow steps can act on them.
⚠️ Risk & Real-World Impact
Worst Case
Complete compromise of GitHub Runner with ability to exfiltrate repository secrets, modify source code, deploy malicious artifacts, and pivot to other systems in the CI/CD pipeline.
Likely Case
Unauthorized command execution leading to secret leakage (tokens, credentials), repository data exfiltration, and potential supply chain attacks through compromised builds.
If Mitigated
Limited impact due to restricted runner permissions, network isolation, and minimal secrets exposure, potentially only affecting non-sensitive operations.
🎯 Exploit Status
Exploitation requires ability to create or modify files in a repository (typically through pull requests). The vulnerability is well-documented in the security advisory with technical details.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 41.0.0 and later
Vendor Advisory: https://github.com/tj-actions/changed-files/security/advisories/GHSA-mcph-m25j-8j63
Restart Required: No
Instructions:
1. Update your GitHub workflow YAML files to reference tj-actions/changed-files@v41.0.0 or later.
2. Replace any version tags like @v40 or @main with @v41.0.0.
3. Test your workflows to ensure compatibility with the updated version.
🔧 Temporary Workarounds
Pin to safe version
Explicitly pin the action to version 41.0.0 or later in all workflow files:
- uses: tj-actions/changed-files@v41.0.0
Temporarily disable the action
Temporarily remove or comment out the changed-files action from all workflows until patching:
# - uses: tj-actions/changed-files
🧯 If You Can't Patch
- Implement strict code review for all pull requests, especially those modifying workflow files
- Limit GitHub Runner permissions to minimum required and use ephemeral runners
🔍 How to Verify
Check if Vulnerable:
Check your GitHub workflow YAML files for references to tj-actions/changed-files that use a version tag older than v41.0.0, or that use a floating branch such as @main or @master without an explicit version pin.
Check Version:
grep -r "tj-actions/changed-files" .github/workflows/
Verify Fix Applied:
Verify all workflow files reference tj-actions/changed-files@v41.0.0 or later. Run a test workflow to confirm the action functions correctly with the updated version.
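The grep above only lists references; the script below, added here as an example and not part of the advisory or the tj-actions project, goes one step further and classifies each reference found in a workflow directory as vulnerable (tag before v41.0.0, or a floating @main/@master branch), fixed, or unknown (a commit SHA or other ref that must be checked by hand). The sample workflow files it creates are constructed for demonstration.

```shell
#!/bin/sh
# Added example: classify tj-actions/changed-files references in workflow files
# against the CVE-2023-51664 fix version (v41.0.0). Not project code.

# Classify one ref (the part after '@'). Prints VULN, OK or UNKNOWN.
classify_ref() {
    ref="$1"
    case "$ref" in
        main|master) echo "VULN"; return ;;   # floating branch, no version pin
        v*) ver="${ref#v}" ;;                 # tag such as v40, v41.0.0
        *) echo "UNKNOWN"; return ;;          # commit SHA or other: verify manually
    esac
    major="${ver%%.*}"
    case "$major" in
        ''|*[!0-9]*) echo "UNKNOWN"; return ;;
    esac
    if [ "$major" -ge 41 ]; then echo "OK"; else echo "VULN"; fi
}

# Scan every *.yml / *.yaml in a directory, ignoring commented-out lines.
# Prints the number of vulnerable references on stdout and details on stderr.
scan_workflows() {
    dir="$1"
    count=0
    refs=$(grep -h -v '^[[:space:]]*#' "$dir"/*.yml "$dir"/*.yaml 2>/dev/null |
           sed -n "s/.*tj-actions\/changed-files@\([^[:space:]\"']*\).*/\1/p")
    for ref in $refs; do
        verdict=$(classify_ref "$ref")
        echo "$verdict: tj-actions/changed-files@$ref" >&2
        [ "$verdict" = "VULN" ] && count=$((count + 1))
    done
    echo "$count"
}

# Constructed sample workflows (not real repository files) for a demo run.
make_sample_workflows() {
    d=$(mktemp -d)
    cat > "$d/ci.yml" <<'EOF'
jobs:
  build:
    steps:
      - uses: tj-actions/changed-files@v40
      - uses: tj-actions/changed-files@v41.0.0
EOF
    cat > "$d/nightly.yml" <<'EOF'
jobs:
  nightly:
    steps:
      - uses: tj-actions/changed-files@main
      # - uses: tj-actions/changed-files@v39
EOF
    echo "$d"
}

# Usage: scan_workflows .github/workflows
# Demo on the constructed files: expect 2 vulnerable references (v40 and main).
if [ "$1" = "--demo" ]; then
    d=$(make_sample_workflows)
    echo "vulnerable references: $(scan_workflows "$d")"
    rm -rf "$d"
fi
```

Run it against a real checkout with `scan_workflows .github/workflows`; a non-zero count means at least one workflow still needs the upgrade, and any UNKNOWN line is a commit-pinned reference whose SHA should be compared against the fix commits listed in the references.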
📡 Detection & Monitoring
Log Indicators:
- Unexpected command execution in GitHub Actions logs
- Suspicious shell commands in changed-files action output
- Failed workflow runs with command injection errors
Network Indicators:
- Unexpected outbound connections from GitHub Runners during changed-files execution
- DNS requests to suspicious domains from action context
SIEM Query:
source="github-actions" action="changed-files" (command_injection OR shell_exec OR suspicious_command)
🔗 References
- https://github.com/tj-actions/changed-files/commit/0102c07446a3cad972f4afcbd0ee4dbc4b6d2d1b
- https://github.com/tj-actions/changed-files/commit/716b1e13042866565e00e85fd4ec490e186c4a2f
- https://github.com/tj-actions/changed-files/commit/ff2f6e6b91913a7be42be1b5917330fe442f2ede
- https://github.com/tj-actions/changed-files/security/advisories/GHSA-mcph-m25j-8j63