Log in

GitHub Actions - CVE-2025-30066 Detection

Detect and mitigate the impact of CVE-2025-30066 by identifying compromised versions of tj-actions/changed-files in GitHub workflows.

Share
Created by
Author: Sola Security
Sola Security Last updated 16 March 2025 Tags GitHub CI/CD Security Supply Chain Security +5 X

Monitor GitHub workflows for instances of the compromised tj-actions/changed-files versions (v35, v44, v5) linked to CVE-2025-30066. This app helps security teams quickly identify affected repositories, take immediate remediation actions, and track workflow security risks.

Who is it for?

  • Security engineers, DevSecOps teams, CISOs, and incident response professionals responsible for securing GitHub Actions workflows and mitigating supply chain risks.

What problems does it solve?

  • Detect GitHub workflows using compromised versions of tj-actions/changed-files (v35, v44, v5) linked to CVE-2025-30066 and mitigate the risk of unauthorized code execution.

Key security questions

  • Is my organization vulnerable to CVE-2025-30066?

  • Are any of my repositories affected by CVE-2025-30066?

  • Do any of my GitHub workflows contain vulnerabilities related to CVE-2025-30066?

Add this app to your Sola workspace
Similar apps
Get early access
Snag a better spot on the waitlist by signing up with a business email address
By pressing the button above, you confirm that you have read, understood, and agree to the privacy policy and terms and conditions.
Just a couple more questions...
By pressing the button above, you confirm that you have read, understood, and agree to the privacy policy and terms and conditions.
You're on the waitlist!

Keep an eye on your inbox (and maybe your spam folder) for an update soon.

Spread the word, we like attention.