VYPR

Cookbook

by Nextcloud

CVEs (1)

  • CVE-2023-31128May 26, 2023
    risk 0.00cvss epss 0.03

    NextCloud Cookbook is a recipe library app. Prior to commit a46d9855 on the `master` branch and commit 489bb744 on the `main-0.9.x` branch, the `pull-checks.yml` workflow is vulnerable to command injection attacks because of using an untrusted `github.head_ref` field. The…