github Actions Toolkit
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in github Actions Toolkit.
By the Year
In 2026 there have been 0 vulnerabilities in github Actions Toolkit. Actions Toolkit did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 0 | 0.00 |
| 2024 | 1 | 7.50 |
It may take a day or so for new Actions Toolkit vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent github Actions Toolkit Security Vulnerabilities
Arbitrary File Write via Path Traversal in actions/artifact pre-2.1.2
CVE-2024-42471
7.5 - High
- September 02, 2024
actions/artifact is the GitHub ToolKit for developing GitHub Actions. Versions of `actions/artifact` on the 2.x branch before 2.1.2 are vulnerable to arbitrary file write when using `downloadArtifactInternal`, `downloadArtifactPublic`, or `streamExtractExternal` for extracting a specifically crafted artifact that contains path traversal filenames. Users are advised to upgrade to version 2.1.2 or higher. There are no known workarounds for this issue.
Directory traversal
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for github Actions Toolkit or by github? Click the Watch button to subscribe.
