CVE - CVE-2025-30066

CVE-ID
CVE-2025-30066	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
tj-actions changed-files before 46 allows remote attackers to discover secrets by reading actions logs. (The tags v1 through v45.0.7 were affected on 2025-03-14 and 2025-03-15 because they were modified by a threat actor to point at commit 0e58ed8, which contained malicious updateFeatures code.)
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:https://github.com/tj-actions/changed-files/issues/2477 MISC:https://www.stream.security/post/github-action-supply-chain-attack-exposes-secrets-what-you-need-to-know-and-how-to-respond MISC:https://www.sweet.security/blog/cve-2025-30066-tj-actions-supply-chain-attack MISC:https://www.wiz.io/blog/github-action-tj-actions-changed-files-supply-chain-attack-cve-2025-30066 MISC:https://github.com/chains-project/maven-lockfile/pull/1111 URL:https://github.com/chains-project/maven-lockfile/pull/1111 MISC:https://github.com/espressif/arduino-esp32/issues/11127 URL:https://github.com/espressif/arduino-esp32/issues/11127 MISC:https://github.com/github/docs/blob/962a1c8dccb8c0f66548b324e5b921b5e4fbc3d6/content/actions/security-for-github-actions/security-guides/security-hardening-for-github-actions.md?plain=1#L191-L193 URL:https://github.com/github/docs/blob/962a1c8dccb8c0f66548b324e5b921b5e4fbc3d6/content/actions/security-for-github-actions/security-guides/security-hardening-for-github-actions.md?plain=1#L191-L193 MISC:https://github.com/modal-labs/modal-examples/issues/1100 URL:https://github.com/modal-labs/modal-examples/issues/1100 MISC:https://github.com/rackerlabs/genestack/pull/903 URL:https://github.com/rackerlabs/genestack/pull/903 MISC:https://github.com/tj-actions/changed-files/blob/45fb12d7a8bedb4da42342e52fe054c6c2c3fd73/README.md?plain=1#L20-L28 URL:https://github.com/tj-actions/changed-files/blob/45fb12d7a8bedb4da42342e52fe054c6c2c3fd73/README.md?plain=1#L20-L28 MISC:https://github.com/tj-actions/changed-files/issues/2463 URL:https://github.com/tj-actions/changed-files/issues/2463 MISC:https://github.com/tj-actions/changed-files/issues/2464 URL:https://github.com/tj-actions/changed-files/issues/2464 MISC:https://news.ycombinator.com/item?id=43367987 URL:https://news.ycombinator.com/item?id=43367987 MISC:https://news.ycombinator.com/item?id=43368870 URL:https://news.ycombinator.com/item?id=43368870 MISC:https://semgrep.dev/blog/2025/popular-github-action-tj-actionschanged-files-is-compromised/ URL:https://semgrep.dev/blog/2025/popular-github-action-tj-actionschanged-files-is-compromised/ MISC:https://sysdig.com/blog/detecting-and-mitigating-the-tj-actions-changed-files-supply-chain-attack-cve-2025-30066/ URL:https://sysdig.com/blog/detecting-and-mitigating-the-tj-actions-changed-files-supply-chain-attack-cve-2025-30066/ MISC:https://web.archive.org/web/20250315060250/https://github.com/tj-actions/changed-files/issues/2463 URL:https://web.archive.org/web/20250315060250/https://github.com/tj-actions/changed-files/issues/2463 MISC:https://www.stepsecurity.io/blog/harden-runner-detection-tj-actions-changed-files-action-is-compromised URL:https://www.stepsecurity.io/blog/harden-runner-detection-tj-actions-changed-files-action-is-compromised
Assigning CNA
MITRE Corporation
Date Record Created
20250315	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20250315)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)