CVE-2025-47775 · HIGH 8.6 · EPSS p31.5%

Description

Bullfrog is a GitHub Action to block unauthorized outbound traffic in GitHub workflows. Prior to version 0.8.4, using TCP breaks blocking and allows DNS exfiltration. This can result in sandbox bypass. Version 0.8.4 fixes the issue.

Scoring

CVSS 3.1: 8.6 (HIGH)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
EPSS: 0.40% probability of exploitation · percentile 31.5% · 2026-06-19T12:03:05Z
Published: 2025-05-14
Last modified: 2025-07-11

Underlying weaknesses · 1

CWE-201

References

  1. https://github.com/bullfrogsec/bullfrog/commit/ae7744ae4b3a6f8ffc2e49f501e30bf1a43d4671
  2. https://github.com/bullfrogsec/bullfrog/releases/tag/v0.8.4
  3. https://github.com/bullfrogsec/bullfrog/security/advisories/GHSA-m32f-fjw2-37v3

Type: Weakness
Target: Insertion of Sensitive Information Into Sent Data (cwe-201)
Confidence: 0%
Tier: live

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE-2026-34430
CVE-2025-54416
CVE-2025-54528
CVE-2025-43012
CVE-2025-11625
CVE-2025-57282

Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.