Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Potential security issues in GitHub Actions workflows #1718

Closed
jiangnanpro opened this issue Oct 30, 2024 · 1 comment
Closed

Potential security issues in GitHub Actions workflows #1718

jiangnanpro opened this issue Oct 30, 2024 · 1 comment
Assignees
@blampe
Labels
impact/security resolution/fixed This issue was fixed

Comments

@jiangnanpro
Copy link

jiangnanpro commented Oct 30, 2024
edited
Loading

Potential security issues in GitHub Actions workflows

Hi! We are a research team from Radboud University in the Netherlands, currently working on security vulnerability analysis on GitHub Actions workflows. During our study, we found some potential issues in the workflow files of your repository and would like to bring them to your attention to help enhance security.

If you are interested, how would you like us to report it?

If you have any questions, please feel free to reach out!
Thank you!
@pulumi-bot pulumi-bot added the needs-triage Needs attention from the triage team label Oct 30, 2024
@blampe blampe added resolution/fixed This issue was fixed impact/security and removed needs-triage Needs attention from the triage team labels Dec 7, 2024
@blampe
Copy link
Contributor

blampe commented Dec 7, 2024

@jiangnanpro please reach out to [email protected] if you have a vulnerability to report.

https://www.pulumi.com/security/

@blampe blampe closed this as completed Dec 7, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@blampe blampe

Labels
impact/security resolution/fixed This issue was fixed
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@blampe @pulumi-bot @jiangnanpro