CVE-2025-47775

Published May 14th, 2025

View on NVD ↗

CVSS v3

6.2

MEDIUM

CVSS v2

N/A

Affected

PROJECT

Description

Bullfrog is a GithHb Action to block unauthorized outbound traffic in GitHub workflows. Prior to version 0.8.4, using tcp breaks blocking and allows DNS exfiltration. This can result in sandbox bypass. Version 0.8.4 fixes the issue.

bullfrogsec/bullfrog

Simple plug-and-play Github Action to block unauthorized outbound traffic (egress) in your Github workflows

GitHub

125