Critical severityNVD Advisory· Published Nov 9, 2020· Updated Sep 17, 2024
CVE-2020-14188
CVE-2020-14188
Description
The preprocessArgs function in the Atlassian gajira-create GitHub Action before version 2.0.1 allows remote attackers to execute arbitrary code in the context of a GitHub runner by creating a specially crafted GitHub issue.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
atlassian/gajira-createGitHub Actions | < 2.0.1 | 2.0.1 |
Affected products
2- Range: unspecified
Patches
Vulnerability mechanics
References
3- github.com/advisories/GHSA-4xqx-pqpj-9fqwghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2020-14188ghsaADVISORY
- github.com/atlassian/gajira-create/security/advisories/GHSA-4xqx-pqpj-9fqwghsax_refsource_MISCWEB
News mentions
0No linked articles in our index yet.