Vulnerability Database

309,364

Total vulnerabilities in the database

CVE-2025-47775

Bullfrog is a GithHb Action to block unauthorized outbound traffic in GitHub workflows. Prior to version 0.8.4, using tcp breaks blocking and allows DNS exfiltration. This can result in sandbox bypass. Version 0.8.4 fixes the issue.

Published: May 15, 2025
Updated: Nov 24, 2025
CVE: CVE-2025-47775
GHSA: GHSA-m32f-fjw2-37v3
Severity: Medium
Exploit:

CVSS v3:

Severity: Unknown
Score:
AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWEs:

CWE-201

Affected Software
References

Software	From	Fixed in
bullfrogsec / bullfrog	-	0.8.4

https://github.com/bullfrogsec/bullfrog/commit/ae7744ae4b3a6f8ffc2e49f501e30bf1a43d4671
https://github.com/bullfrogsec/bullfrog/releases/tag/v0.8.4
https://github.com/bullfrogsec/bullfrog/security/advisories/GHSA-m32f-fjw2-37v3

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo