CNNVD-202602-1289 Information
Feb 09, 2026
cve
CNNVD ID
CNNVD-202602-1289
Related CVE
- CNNVD Published: 2026-02-09
Description (Chinese)
Harden-Runner是StepSecurity开源的一个程序。为 GitHub 托管和自托管的跑步者提供网络出口过滤和运行时安全。 Harden-Runner 2.14.2之前版本存在安全漏洞,该漏洞源于出站网络连接可绕过审计日志记录,可能导致检测和日志记录失效。
Description (English)
Harden-Runner is a StepSecurity open source program. Net export filtering and running security for GitHub hosts and self-hosting runners. Prior version of Harden-Runner 2.14.2 had a security loophole, which stemmed from the fact that the out-of-site network connection could bypass the audit log records and could result in the detection and log log log records being invalidated.
Vulnerability Type
其他
Affected Vendor
StepSecurity
Published
2026-02-09
Last Modified
2026-02-24
References
https://github.com/step-security/harden-runner/releases/tag/v2.14.2 https://github.com/step-security/harden-runner/security/advisories/GHSA-cpmj-h4f6-r6pq