Reviewdog Action Setup
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Reviewdog Action Setup.
By the Year
In 2026 there have been 0 vulnerabilities in Reviewdog Action Setup. Last year, in 2025 Action Setup had 1 security vulnerability published. Right now, Action Setup is on track to have less security vulnerabilities in 2026 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 1 | 8.60 |
It may take a day or so for new Action Setup vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Reviewdog Action Setup Security Vulnerabilities
reviewdog/action-setup GitHub Action exfiltrates secrets to logs
CVE-2025-30154
8.6 - High
- March 19, 2025
reviewdog/action-setup is a GitHub action that installs reviewdog. reviewdog/action-setup@v1 was compromised March 11, 2025, between 18:42 and 20:31 UTC, with malicious code added that dumps exposed secrets to Github Actions Workflow Logs. Other reviewdog actions that use `reviewdog/action-setup@v1` that would also be compromised, regardless of version or pinning method, are reviewdog/action-shellcheck, reviewdog/action-composite-template, reviewdog/action-staticcheck, reviewdog/action-ast-grep, and reviewdog/action-typos.
Embedded Malicious Code
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Reviewdog Action Setup or by Reviewdog? Click the Watch button to subscribe.
