
Remote Code Execution vulnerability in `update-integration-tests` GitHub Action workflow

Critical
krassowski published GHSA-rc7c-v5qg-g3vw Jul 16, 2024

Package

extension-cookiecutter-ts (GitHub Actions)

Affected versions

<=3.0

Patched versions

4.0

Description

Repositories created using this cookiecutter may include an update-integration-tests.yml workflow that had a remote code execution (RCE) vulnerability. Extension authors hosting their code on GitHub are urged to upgrade the template to the latest version.

We recommend migrating to extension-template which supports automated updating to newer versions.

You may wish to temporarily disable GitHub Actions while working on the upgrade.

We recommend rebasing all open pull requests from untrusted users, as actions may run using the version from the main branch at the time the pull request was created.
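The three steps above (find affected repositories, temporarily disable Actions, review open pull requests before rebasing) can be scripted. The following is an added example, not code from the advisory or from the extension-cookiecutter-ts project. It assumes extension repositories are cloned side by side under one parent directory and that the GitHub CLI `gh` is installed and authenticated for the two `gh`-based helpers; only the workflow file name comes from the advisory, the function names and layout are assumptions.

```shell
#!/bin/sh
# Added example for the advisory's remediation steps; not part of the
# extension-cookiecutter-ts project. Assumes repositories are cloned under
# a common parent directory (e.g. ~/src) and `gh` is available for the
# network-backed helpers.

# File name of the affected workflow, as named in the advisory.
WORKFLOW_NAME="update-integration-tests.yml"

# Print the root of every repository under $1 that still carries the affected
# workflow file. Each such repository needs the template upgraded (or migrated
# to extension-template) before Actions are re-enabled.
find_vulnerable_workflows() {
    root="$1"
    find "$root" -path "*/.github/workflows/$WORKFLOW_NAME" -type f 2>/dev/null |
        while IFS= read -r wf; do
            # Strip /.github/workflows/<file> to recover the repository root.
            repo="${wf%/.github/workflows/$WORKFLOW_NAME}"
            printf '%s\n' "$repo"
        done | sort
}

# Temporarily turn off GitHub Actions for one repository (owner/name) through
# the REST endpoint PUT /repos/{owner}/{repo}/actions/permissions. Re-enable by
# sending enabled=true once the template has been upgraded.
# (Not exercised offline; requires an authenticated `gh`.)
disable_actions() {
    repo_slug="$1"   # e.g. my-org/my-extension (assumed placeholder)
    gh api -X PUT "repos/$repo_slug/actions/permissions" -F enabled=false
}

# List open pull requests with author and head branch, so the ones from
# untrusted users can be rebased after the fixed workflow is on main.
# (Not exercised offline; requires an authenticated `gh`.)
list_open_prs() {
    repo_slug="$1"
    gh pr list --repo "$repo_slug" --state open \
        --json number,author,headRefName \
        --jq '.[] | "\(.number)\t\(.author.login)\t\(.headRefName)"'
}

# Usage: ./check-extensions.sh <parent-dir-of-clones>
if [ -n "${1:-}" ]; then
    find_vulnerable_workflows "$1"
fi
```

Run the scan first and treat every printed path as a repository to upgrade; call `disable_actions` on each affected repository while the upgrade is in progress, then use `list_open_prs` to pick the pull requests to rebase after the fix is merged to main.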

For more details, please see GHSA-45gq-v5wm-82wg.

Severity

Critical

CVE ID

CVE-2024-39700
