THREAT OPS › CVEs › CVE-2025-30154
CVE-2025-30154 — reviewdog/action-setup GitHub Action Embedded Malicious Code Vulnerability
reviewdog action-setup GitHub Action contains an embedded malicious code vulnerability that dumps exposed secrets to Github Actions Workflow Logs.
Vulnerability details
- Affected productsaction-setup GitHub Action
- KEV remediation due2025-04-14