CVE-2025-30066 Overview
CVE-2025-30066 is a software supply chain compromise of the widely used GitHub Action tj-actions/changed-files. On March 14, 2025 a threat actor with write access to the repository force-moved the release tags v1 through v45.0.7 so that every one of them pointed at a malicious commit (0e58ed8). That commit carried code that dumped the secrets available to the running job into the GitHub Actions workflow log. Because changed-files is used in a large number of CI/CD pipelines to detect which files changed between commits, a single tag rewrite reached every workflow that referenced the action by tag.
Critical Impact
Organizations that ran an affected tag of tj-actions/changed-files during the compromise window may have had CI/CD secrets (API keys, cloud credentials, the job's GitHub token and any other value passed to the workflow) written into their GitHub Actions logs. For public repositories those logs are readable by anyone, so the secrets must be treated as fully disclosed. CISA added this CVE to its Known Exploited Vulnerabilities (KEV) catalog, and it was exploited in the wild.
Affected Products
- tj-actions changed-files versions prior to 46
- All tags from v1 through v45.0.7 (compromised between March 14-15, 2025)
- Any CI/CD pipeline referencing the affected tags during the compromise window
Discovery Timeline
- 2025-03-14 - Threat actor re-pointed the release tags v1 through v45.0.7 to malicious commit 0e58ed8 (full SHA 0e58ed8671d6b60d0890c21b07f8835ace038e67)
- 2025-03-15 - CVE-2025-30066 published to NVD
- 2025-03-18 - CISA published security alert for supply chain compromise
- 2025-11-05 - Last updated in NVD database
Technical Details for CVE-2025-30066
Vulnerability Analysis
This vulnerability is classified under CWE-506 (Embedded Malicious Code): the weakness is not a bug in the action's own logic but trojanized code inserted into it. The threat actor gained unauthorized write access to the tj-actions/changed-files repository and re-pointed the existing version tags at a commit whose compiled dist/index.js had been modified. Every workflow that resolved one of those tags downloaded and executed that commit, and the injected updateFeatures code ran inside the victim's CI/CD environment with the job's secrets in scope.
The attack specifically targeted the trust relationship between developers and the GitHub Actions ecosystem. By moving existing tags rather than publishing a new release, the attacker ensured that every workflow pinned to those tags would automatically pull and execute the compromised code with no visible change to the workflow file, and with no new version for anyone to review.
Root Cause
The root cause stems from the mutable nature of Git tags combined with the common practice of referencing GitHub Actions by tag rather than by immutable commit SHA. A tag is only a pointer that anyone with write access can move, and a reference such as uses: owner/action@v45 is resolved to whatever the tag points at on every run. The maintainer attributed the attacker's write access to a compromised personal access token belonging to a bot account used by the repository's automation. With that access the attacker re-pointed v1 through v45.0.7 at commit 0e58ed8, whose updateFeatures function fetched a script that read the secrets out of the memory of the runner's worker process and printed them, double-base64-encoded, into the workflow log, where anyone able to read the repository's Actions logs could collect them.
Attack Vector
The attack needs no authentication and no interaction from the victim: it rides on the normal network fetch that every workflow run performs. When a victim's workflow triggers, the runner resolves the tag, downloads the compromised action and executes it with the permissions and secrets granted to the job. The injected code then reads the secrets from the runner environment and writes them to the job log.
The payload harvested every secret the job had access to: workflow environment variables, the job's GitHub token, and any repository or organization secrets passed to the step. Writing them to the log rather than sending them to an attacker-controlled server left a persistent copy of the credentials in the run logs (publicly readable for public repositories) that could be harvested until the logs expired or were deleted, long after the tags themselves had been restored.
Detection Methods for CVE-2025-30066
Indicators of Compromise
- Workflow runs between March 14 and 15, 2025 that used tj-actions/changed-files at any tag from v1 through v45.0.7
- Runner log lines of the form Download action repository 'tj-actions/changed-files@<tag>' (SHA:0e58ed8671d6b60d0890c21b07f8835ace038e67), i.e. a tag that resolved to the malicious commit
- Unexpected output in the changed-files step, in particular long base64 blobs that decode to secrets or to a process memory dump
- Network egress from the runner to gist.githubusercontent.com during the changed-files step, which is how the compromise was first spotted
Detection Strategies
- Audit all GitHub Actions workflow files for references to tj-actions/changed-files, and more generally for any third-party action referenced by tag or branch rather than by full commit SHA
- Review GitHub Actions logs from March 14-15, 2025 for runs that resolved the action to commit 0e58ed8 and for anomalous output in the changed-files step
- Scan workflow configurations across all repositories in the organization to identify every usage of the compromised action versions, including reusable workflows and composite actions
- Implement runtime monitoring of runner network egress and process activity to detect unexpected downloads and exfiltration
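As an added example (not code from this page or from the tj-actions project), the following Python script implements the first three strategies above offline: it walks workflow YAML text for uses: references to tj-actions/changed-files, classifies each reference as a full-SHA pin, a tag in the compromised range v1..v45.0.7, or some other mutable ref, and scans runner log text for the "Download action repository" line that records the resolved SHA, so a run that actually pulled commit 0e58ed8 can be identified. The sample workflow and log lines are constructed for the demo; every SHA in them other than 0e58ed8671d6b60d0890c21b07f8835ace038e67 is a placeholder.

```python
import re

ACTION = "tj-actions/changed-files"
# Short prefix of the malicious commit the tags were re-pointed to.
MALICIOUS_SHA_PREFIX = "0e58ed8"
COMPROMISED_RANGE = ((1, 0, 0), (45, 0, 7))   # v1 .. v45.0.7 inclusive

FULL_SHA_RE = re.compile(r"^[0-9a-f]{40}$")
# A `uses:` step line, with or without the leading list dash or quotes.
USES_RE = re.compile(r"^\s*-?\s*uses:\s*['\"]?([^\s'\"#]+)")
# The runner logs the resolved commit of every action it downloads.
LOG_DOWNLOAD_RE = re.compile(
    r"Download action repository '([^']+)' \(SHA:([0-9a-f]{7,40})\)")


def parse_version(ref):
    """Turn 'v45', 'v45.0.7' or '45.0.7' into a comparable tuple; None if not a version tag."""
    m = re.fullmatch(r"v?(\d+)(?:\.(\d+))?(?:\.(\d+))?", ref)
    return tuple(int(x or 0) for x in m.groups()) if m else None


def classify_ref(ref):
    if FULL_SHA_RE.match(ref):
        return "pinned-sha"
    version = parse_version(ref)
    if version is not None and COMPROMISED_RANGE[0] <= version <= COMPROMISED_RANGE[1]:
        return "compromised-tag"
    return "mutable-ref"      # branch, short SHA, or a tag outside the range


def audit_workflow(text):
    """Return one finding per reference to tj-actions/changed-files in a workflow file."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        m = USES_RE.match(line)
        if not m or "@" not in m.group(1):
            continue                      # not a step, or a local/docker action
        name, ref = m.group(1).rsplit("@", 1)
        if name == ACTION or name.startswith(ACTION + "/"):
            findings.append({"line": lineno, "ref": ref, "status": classify_ref(ref)})
    return findings


def scan_log(text):
    """Return log lines where changed-files resolved to the malicious commit."""
    hits = []
    for lineno, line in enumerate(text.splitlines(), 1):
        m = LOG_DOWNLOAD_RE.search(line)
        if (m and m.group(1).split("@", 1)[0] == ACTION
                and m.group(2).startswith(MALICIOUS_SHA_PREFIX)):
            hits.append({"line": lineno, "spec": m.group(1), "sha": m.group(2)})
    return hits


# Constructed sample workflow; the 40-digit SHA is a placeholder, not a real commit.
SAMPLE_WORKFLOW = """\
name: ci
on: [pull_request]
jobs:
  changes:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: tj-actions/changed-files@v45
      - uses: tj-actions/changed-files@v46
      - name: pinned copy
        uses: tj-actions/changed-files@1111111111111111111111111111111111111111 # v46.0.1
      - uses: ./.github/actions/local-step
"""

# Constructed sample of runner log output (the checkout SHA is a placeholder).
SAMPLE_LOG = """\
2025-03-14T20:10:11Z Download action repository 'actions/checkout@v4' (SHA:2222222222222222222222222222222222222222)
2025-03-14T20:10:12Z Download action repository 'tj-actions/changed-files@v45' (SHA:0e58ed8671d6b60d0890c21b07f8835ace038e67)
"""

if __name__ == "__main__":
    for f in audit_workflow(SAMPLE_WORKFLOW):
        print(f"workflow line {f['line']}: @{f['ref']} -> {f['status']}")
    for h in scan_log(SAMPLE_LOG):
        print(f"log line {h['line']}: {h['spec']} resolved to malicious commit {h['sha']}")
```

Point audit_workflow at every file under .github/workflows/ (and at any composite action.yml in the organization) and scan_log at exported run logs from the window. A "compromised-tag" finding means the workflow was eligible to pull the bad commit; only a log hit on the malicious SHA proves that a particular run did. Note that "v46" is reported as "mutable-ref": it is clean today, but it can be moved again, which is the point of the pinning advice below.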
Monitoring Recommendations
- Enable GitHub's secret scanning and push protection so that any credential that does end up in a commit (for example a token copied out of a leaked log) is caught
- Configure alerts for workflow runs that produce unusually large or unusually encoded log output from steps that normally print a few lines
- Monitor for unauthorized access to CI/CD logs and artifacts, and audit who downloaded logs from the compromise window
- Monitor runner network egress and process activity with tools like StepSecurity Harden Runner (which is how this compromise was first noticed), and watch the upstream repositories of third-party actions for existing tags moving to new commits
How to Mitigate CVE-2025-30066
Immediate Actions Required
- Update immediately to tj-actions/changed-files version 46 or later (v46.0.1 is the first release built from the restored repository) and reference it by full commit SHA
- Rotate ALL secrets that were available to workflows that ran the action during the compromise window (March 14-15, 2025); do not rely on the absence of an obvious dump in the logs, since the exposed values are encoded and the logs may already have been retrieved by third parties
- Audit GitHub Actions logs for any evidence of secret exposure
- Review access logs for any suspicious activity using potentially compromised credentials
- Consider removing the compromised action entirely and using alternative approaches or vetted alternatives
Patch Information
The maintainers have released version 46 of tj-actions/changed-files (v46.0.1, built from the restored repository) which does not contain the malicious code. Organizations should update their workflow files to reference this version or later and, for maximum security, reference the action by its full commit SHA rather than a mutable tag, since a tag can be moved again. The GitHub Security Guide provides comprehensive guidance on hardening GitHub Actions security. Additional mitigation guidance is available from CISA's Security Alert and Sysdig's detailed analysis.
Workarounds
- Pin GitHub Actions to immutable commit SHAs instead of version tags to prevent future tag manipulation attacks
- Implement a private mirror or fork of critical GitHub Actions that undergo security review before adoption
- Run git directly in a workflow step as an alternative to a third-party changed-files action, for example git diff --name-only origin/main...HEAD after a checkout with fetch-depth: 0
- Deploy tools like StepSecurity Harden Runner to detect and block network egress from GitHub Actions runners
# Example: pin the action to a specific commit SHA instead of a mutable tag
# Before (vulnerable to tag manipulation; the tag is resolved afresh on every run):
#   uses: tj-actions/changed-files@v45
# After (pinned to a specific, reviewed commit; the trailing comment keeps the
# version visible to humans and to dependency-update tools):
#   uses: tj-actions/changed-files@<verified-safe-commit-sha> # v46.0.1
# Resolve the commit SHA behind a v46 tag before pinning (use the full 40-character SHA):
git ls-remote --tags https://github.com/tj-actions/changed-files.git | grep 'v46'
# Annotated tags print two lines, the tag object and a peeled "^{}" line;
# pin the commit SHA from the peeled line, and cross-check it against the
# commit shown on the release page before committing the change.
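Automating the pinning step above, as an added example that is not code from this page or from the tj-actions project: the script parses git ls-remote --tags output, prefers the peeled ^{} commit for annotated tags, and rewrites every uses: <repo>@<tag> line to the resolved full SHA with the tag preserved in a trailing comment. The ls-remote output and workflow fragment below are constructed with placeholder SHAs; fetch_tags() runs the real command when network access is available and is the only part not exercised offline. Upgrade to v46 or later before pinning, so that the SHA you freeze is one you have actually reviewed.

```python
import re
import subprocess

# One line of `git ls-remote --tags` output: "<sha>\trefs/tags/<tag>[^{}]".
LS_REMOTE_LINE = re.compile(r"^([0-9a-f]{40})\s+refs/tags/(\S+?)(\^\{\})?$")
# A `uses:` line split into prefix, "owner/repo[/path]", ref, and trailing text.
USES_RE = re.compile(r"^(\s*-?\s*uses:\s*)([\w.-]+/[\w.-]+(?:/[^\s@]+)?)@([^\s#]+)(.*)$")


def parse_ls_remote(output):
    """Map tag name -> commit SHA.

    Annotated tags appear twice: once as the tag object and once peeled ('^{}')
    to the commit it points at. The peeled commit is what `uses:` must pin;
    the tag object's SHA is not a commit and would not resolve to runnable code.
    """
    tags, peeled = {}, set()
    for line in output.splitlines():
        m = LS_REMOTE_LINE.match(line.strip())
        if not m:
            continue
        sha, tag, is_peeled = m.groups()
        if is_peeled:
            tags[tag] = sha
            peeled.add(tag)
        elif tag not in peeled:          # lightweight tag, or tag-object line seen first
            tags[tag] = sha
    return tags


def fetch_tags(repo):
    """Live lookup (needs network): resolve every tag of github.com/<repo>."""
    url = f"https://github.com/{repo}.git"
    out = subprocess.run(["git", "ls-remote", "--tags", url],
                         check=True, capture_output=True, text=True).stdout
    return parse_ls_remote(out)


def pin_workflow(text, repo, tag_map):
    """Rewrite `uses: <repo>@<tag>` to `uses: <repo>@<sha> # <tag>` for tags in tag_map.

    Refs that are not in tag_map (branches, SHAs, unknown tags) are left untouched
    so nothing is silently pinned to a commit nobody looked at.
    """
    out, changed = [], []
    for line in text.splitlines():
        m = USES_RE.match(line)
        if m:
            prefix, name, ref, rest = m.groups()
            if name == repo and ref in tag_map:
                sha = tag_map[ref]
                comment = rest if "#" in rest else f"{rest.rstrip()} # {ref}"
                line = f"{prefix}{name}@{sha}{comment}"
                changed.append((ref, sha))
        out.append(line)
    return "\n".join(out) + "\n", changed


REPO = "tj-actions/changed-files"

# Constructed ls-remote output with placeholder SHAs: v46 is a lightweight tag,
# v46.0.1 is annotated (tag object plus peeled commit).
SAMPLE_LS_REMOTE = (
    "a" * 40 + "\trefs/tags/v46\n"
    + "b" * 40 + "\trefs/tags/v46.0.1\n"
    + "c" * 40 + "\trefs/tags/v46.0.1^{}\n"
)

# Constructed workflow fragment to rewrite.
SAMPLE_WORKFLOW = """\
    steps:
      - uses: actions/checkout@v4
      - uses: tj-actions/changed-files@v46.0.1
        with:
          files: '**/*.py'
      - uses: tj-actions/changed-files@main
"""

if __name__ == "__main__":
    pinned, changes = pin_workflow(SAMPLE_WORKFLOW, REPO, parse_ls_remote(SAMPLE_LS_REMOTE))
    print(pinned)
    for ref, sha in changes:
        print(f"pinned {ref} -> {sha}")
```

The branch reference @main is deliberately left alone: a branch is even more mutable than a tag, and the right fix is to move it to a reviewed release first. Pinning everything to SHAs shifts the maintenance burden to a dependency-update tool that proposes SHA bumps with the tag comment, which is why the comment is kept.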
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.


