CVE-2023-52137

7.7 HIGH

📋 TL;DR

This CVE describes a command injection vulnerability in the tj-actions/verify-changed-files GitHub Action. Attackers can inject malicious commands through specially crafted filenames, potentially executing arbitrary code on GitHub Runners and stealing secrets like GITHUB_TOKEN. Users of this action in GitHub workflows are affected.

💻 Affected Systems

Products:
  • tj-actions/verify-changed-files GitHub Action
Versions: All versions before v17 (v17.0.0)
Operating Systems: All GitHub Runner operating systems (Linux, Windows, macOS)
Default Config Vulnerable: ⚠️ Yes
Notes: The vulnerability requires the action's output to be used raw inside a run block (expanded with ${{ }} directly into the script) without proper escaping.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete compromise of GitHub Runner with execution of arbitrary commands, theft of all repository secrets including GITHUB_TOKEN, and potential lateral movement within GitHub infrastructure.

🟠 Likely Case

Execution of limited commands on GitHub Runner, potential exfiltration of workflow secrets, and unauthorized access to repository contents.

🟢 If Mitigated

No impact if safe_output is enabled and outputs are properly handled, or if the action is not used in a vulnerable configuration.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires ability to create or modify filenames in a repository, typically through pull requests or direct commits.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: v17 (v17.0.0)

Vendor Advisory: https://github.com/tj-actions/verify-changed-files/security/advisories/GHSA-ghm2-rq8q-wrhc

Restart Required: No

Instructions:

1. Update your workflow to use tj-actions/verify-changed-files@v17 or later.
2. Verify safe_output is enabled (default in patched versions).
3. Review workflow usage to ensure outputs are properly handled.

🔧 Temporary Workarounds

Enable safe_output manually

all

Manually enable safe_output parameter in workflow configuration

- uses: tj-actions/verify-changed-files@v16
  with:
    safe_output: true

Sanitize output before use

all

Hand the action output to the shell through an environment variable and sanitize it before using it in run commands; expanding ${{ }} directly inside the script is what lets a crafted filename become shell code.

- name: Sanitize output
  env:
    CHANGED_FILES: ${{ steps.verify.outputs.changed_files }}
  run: |
    # The env var is never parsed as script; the sed keeps only a safe charset (space preserved as list separator)
    SANITIZED_OUTPUT="$(printf '%s' "$CHANGED_FILES" | sed 's/[^a-zA-Z0-9._/ -]//g')"
    echo "Sanitized: $SANITIZED_OUTPUT"

🧯 If You Can't Patch

  • Disable or remove the verify-changed-files action from workflows
  • Implement strict filename validation in repository policies

🔍 How to Verify

Check if Vulnerable:

Check workflow YAML files for uses: tj-actions/verify-changed-files pinned to a version below v17 and without the safe_output: true parameter.

Check Version:

grep -r "tj-actions/verify-changed-files" .github/workflows/

Verify Fix Applied:

Verify workflow uses tj-actions/verify-changed-files@v17 or later, or has safe_output: true explicitly set.
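The checks above (version pin below v17 without safe_output, and the raw-usage pattern described under Affected Systems) can be automated. The script below is an added example written for this page, not code from the tj-actions project or the advisory; it is a hypothetical checker that walks workflow YAML line by line, reports verify-changed-files steps pinned below v17 (or to an unrecognised ref) without safe_output: true, and flags any ${{ steps.<id>.outputs.changed_files }} expression that is expanded inside a run: script rather than passed through env:. The two embedded workflows are constructed samples; the step id verify is an assumption.

```python
"""Added example (hypothetical checker, not the action's or advisory's code): find risky
uses of tj-actions/verify-changed-files in workflow YAML. Assumes the fix landed in v17."""
import re

FIXED_MAJOR = 17  # first major version with safe_output enabled by default
USES_RE = re.compile(r"uses:\s*['\"]?tj-actions/verify-changed-files@([^\s'\"]+)")
VERSION_RE = re.compile(r"^v?(\d+)(?:\.\d+)*$")
OUTPUT_EXPR_RE = re.compile(r"\$\{\{\s*steps\.([\w-]+)\.outputs\.changed_files\s*\}\}")
RUN_KEY_RE = re.compile(r"^\s*(?:-\s+)?run:\s*(.*)$")
ID_KEY_RE = re.compile(r"^\s*(?:-\s+)?id:\s*([\w-]+)", re.M)
SAFE_OUTPUT_RE = re.compile(r"^\s*safe_output:\s*true\b", re.M)


def _indent(line):
    return len(line) - len(line.lstrip(" "))


def _step_block(lines, idx):
    """Lines of the step whose 'uses:' key is on lines[idx] (walks up to its '- ' item)."""
    k = lines[idx].index("uses:")
    block = [lines[idx]]
    if not lines[idx].lstrip().startswith("-"):
        j = idx - 1
        while j >= 0:
            if _indent(lines[j]) < k:
                if _indent(lines[j]) == k - 2 and lines[j].lstrip().startswith("-"):
                    block.insert(0, lines[j])
                break
            block.insert(0, lines[j])
            j -= 1
    j = idx + 1
    while j < len(lines) and (not lines[j].strip() or _indent(lines[j]) >= k):
        block.append(lines[j])
        j += 1
    return block


def scan_workflow(text):
    """Return findings for one workflow file; each is {'kind': ..., 'detail': ...}."""
    lines = text.splitlines()
    findings, verify_step_ids = [], set()
    # Pass 1: each verify-changed-files step -> version pin and safe_output opt-in
    for i, line in enumerate(lines):
        m = USES_RE.search(line)
        if not m:
            continue
        block = "\n".join(_step_block(lines, i))
        verify_step_ids.update(ID_KEY_RE.findall(block))
        if SAFE_OUTPUT_RE.search(block):
            continue  # explicit safe_output: true covers any version
        ref = m.group(1)
        vm = VERSION_RE.match(ref)
        if vm is None:
            findings.append({"kind": "unknown-version", "detail": f"pinned to {ref}; confirm it is v{FIXED_MAJOR}+ or set safe_output: true"})
        elif int(vm.group(1)) < FIXED_MAJOR:
            findings.append({"kind": "vulnerable-version", "detail": f"{ref} is below v{FIXED_MAJOR} and safe_output: true is not set"})
    # Pass 2: the action's output expanded directly inside a run: script (the injection sink)
    run_indent = None  # column of the 'run:' key while inside a block-scalar script
    for line in lines:
        if run_indent is not None and line.strip() and _indent(line) <= run_indent:
            run_indent = None
        key = RUN_KEY_RE.match(line)
        if key and key.group(1).startswith(("|", ">")):
            run_indent = line.index("run:")
        if key is None and run_indent is None:
            continue  # neither a run: line nor inside a run: script
        for expr in OUTPUT_EXPR_RE.finditer(line):
            if not verify_step_ids or expr.group(1) in verify_step_ids:
                findings.append({"kind": "raw-interpolation", "detail": f"{expr.group(0)} expanded inside a run script; pass it through env: instead"})
    return findings


# Constructed sample: old version, output interpolated straight into the script
VULNERABLE_WORKFLOW = """\
on: [pull_request]
jobs:
  check:
    runs-on: ubuntu-latest
    steps:
      - id: verify
        uses: tj-actions/verify-changed-files@v16
        with:
          files: "**/*.md"
      - run: |
          echo "Changed: ${{ steps.verify.outputs.changed_files }}"
"""

# Constructed sample: patched version, output handed to the shell as an environment variable
HARDENED_WORKFLOW = """\
on: [pull_request]
jobs:
  check:
    runs-on: ubuntu-latest
    steps:
      - id: verify
        uses: tj-actions/verify-changed-files@v17
      - env:
          CHANGED_FILES: ${{ steps.verify.outputs.changed_files }}
        run: |
          echo "Changed: $CHANGED_FILES"
"""

if __name__ == "__main__":  # usage: python check_vcf.py .github/workflows/*.yml
    import sys
    for path in sys.argv[1:]:
        for f in scan_workflow(open(path, encoding="utf-8").read()):
            print(f"{path}: {f['kind']}: {f['detail']}")
```

The scanner is deliberately regex-based so it runs without a YAML library; it treats a commit-SHA pin as "unknown" rather than safe, because the pin alone does not tell you which release it resolves to. A step that sets safe_output: true is not reported regardless of version, matching the workaround above, but raw interpolation into run: is still reported because sanitized output should never be spliced into a script.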

📡 Detection & Monitoring

Log Indicators:

  • Unexpected command execution in GitHub Actions logs
  • Suspicious filenames containing special characters in workflow outputs

Network Indicators:

  • Unusual outbound connections from GitHub Runners during workflow execution

SIEM Query:

source="github-actions" AND ("verify-changed-files" OR "changed_files") AND command_execution
