Critical Vulnerability identified in tj-actions/branch-names’ GitHub Action workflow
Security advisory: Patch Now! Critical Command Injection in GitHub Action tj-actions/branch-names Affects 5,000+ public repositories.
Summary:
A critical vulnerability has been identified in the tj-actions/branch-names’ GitHub Action workflow which allows arbitrary command execution in downstream workflows. This issue arises due to inconsistent input sanitization and unescaped output, enabling malicious actors to exploit specially crafted branch names or tags.
| Severity | Critical |
| CVSS Score | 9.1 |
| CVEs | CVE-2025-54416 |
| POC Available | Yes |
| Actively Exploited | No |
| Exploited in Wild | No |
| Advisory Version | 1.0 |
Overview
This issue arises due to inconsistent input sanitization and unescaped output, enabling malicious actors to exploit specially crafted branch names or tags. While internal sanitization mechanisms have been implemented, the action outputs remain vulnerable, exposing consuming workflows to significant security risks. This is fixed in version 9.0.0
The flaw allows attackers to run any command during GitHub Actions workflows by creating specially crafted branch names or tags.
| Vulnerability Name | CVE ID | Product Affected | Severity | Fixed Version |
| Command Injection in branch-names GitHub Action | CVE-2025-54416 | tj-actions/branch-names GitHub Action <v8.2.1 | 9.1 | v9.0.0 or later |
Technical Summary
This Vulnerability puts many CI/CD pipelines at serious risk, including the possibility of stealing secrets or injecting malicious code into releases.
The vulnerability exists due to unsafe usage of the eval command in the action’s script. Although some escaping was done using printf “%q”, developers later used eval printf “%s” to unescaped values, which reintroduced command injection risks.
Any branch name containing malicious shell code can trigger execution during workflows.
The vulnerability affects GitHub Action workflows that use tj-actions/branch-names. It allows attackers to inject and execute arbitrary shell commands by creating a branch with malicious content. The issue is caused by the unsafe use of eval when handling branch names and tags in output generation.
| CVE ID | System Affected | Vulnerability Details | Impact |
| CVE-2025-54416 | GitHub repositories using tj-actions/branch-names < v8.2.1 | Unsafe use of eval leads to command injection | Attacker can run arbitrary commands, steal secrets, alter source code, or compromise workflows |
Proof of Concept (POC)
Remediation:
- Update immediately to tj-actions/branch-names version v9.0.0 or higher.
- The vulnerable eval code has been replaced with safe printf usage.
- Review your workflows to ensure no malicious activity has occurred.
- Check logs for strange branch names or unexpected shell activity.
Conclusion:
This command injection flaw is extremely dangerous due to its simplicity and the number of projects it affects. GitHub Actions workflows that use branch names or tags from pull requests are especially at risk. Attackers don’t need access to the code just the ability to open a pull request.
All developers and security teams should act now by updating to the latest version and reviewing usage of GitHub Actions in their workflows.
References:
Recent Comments