Wazuh (Github Actions)
Approved changes feed: RSS · Atom
cpe:2.3:a:wazuh:wazuh_(github_actions):*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Wazuh (a7402332-cdfc-5fc8-bb0e-3f511f6cb7fd) |
|---|---|
| Product | Wazuh (Github Actions) (263853c7-6f56-534e-9434-8b002127f975) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2025-15617 |
vulnerable | 2026-06-08 07:06:36.559582 |
Wazuh GitHub Actions Workflow Exposure of Sensitive Credentials
MEDIUM (6.5)
Wazuh version 4.12.0 contains an exposure vulnerability in GitHub Actions workflow artifacts that allows attackers to extract the GITHUB_TOKEN from uploaded artifacts. Attackers can use the exposed token within a limited time window to perform unauthorized actions such as pushing malicious commits or altering release tags.
Published: 2026-03-27T18:04:13.691Z
Updated: 2026-05-12T20:46:38.272Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.