Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information. Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
GitHub Actions Runner vulnerable to Docker Command Escaping
Vulnerability Description
GitHub Actions Runner is the application that runs a job from a GitHub Actions workflow. The actions runner invokes the docker CLI directly in order to run job containers, service containers, or container actions. A bug in the logic for how the environment is encoded into these docker commands was discovered in versions prior to 2.296.2, 2.293.1, 2.289.4, 2.285.2, and 2.283.4 that allows an input to escape the environment variable and modify that docker command invocation directly. Jobs that use container actions, job containers, or service containers alongside untrusted user inputs in environment variables may be vulnerable. The Actions Runner has been patched on `github.com`, and hotfixes have been released for GHES and GHAE customers in versions 2.296.2, 2.293.1, 2.289.4, 2.285.2, and 2.283.4. GHES and GHAE customers may want to patch their instance in order to have their runners automatically upgrade to these new runner versions. As a workaround, users may consider removing any container actions, job containers, or service containers from their jobs until they are able to upgrade their runner versions.
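Because the fix was backported to several 2.x minor series rather than shipped in a single release, "prior to 2.296.2, 2.293.1, ..." is not a simple less-than comparison. The following added example (not GitHub's code) is a small triage helper for checking self-hosted runner versions against the fixed releases named above; it assumes that a runner is patched only if it is at or above the fixed patch level of its own minor series or newer than the newest fixed release, and that versions on series without a backport (e.g. 2.290.x) are still vulnerable.

```python
"""Backport-aware check of a GitHub Actions Runner version against the
fixed releases named in the advisory (added example, not GitHub's code).

Assumption: a runner is patched only when it is at or above the fixed
patch level of its own minor series, or newer than the newest fixed
release; anything else (e.g. 2.290.0, which sits between two patched
series) is treated as vulnerable.
"""
import re
from typing import Dict, Iterable, Tuple

# Fixed runner versions taken from the advisory text.
FIXED_VERSIONS = ("2.296.2", "2.293.1", "2.289.4", "2.285.2", "2.283.4")

Version = Tuple[int, int, int]


def parse_version(text: str) -> Version:
    """Parse '2.296.2' or 'v2.296.2' into a comparable (major, minor, patch)."""
    m = re.fullmatch(r"v?(\d+)\.(\d+)\.(\d+)", text.strip())
    if not m:
        raise ValueError(f"unrecognised runner version: {text!r}")
    major, minor, patch = (int(x) for x in m.groups())
    return (major, minor, patch)


_FIXED = sorted(parse_version(v) for v in FIXED_VERSIONS)
_NEWEST_FIXED = _FIXED[-1]  # (2, 296, 2)


def is_patched(version: str) -> bool:
    """True if this runner version carries the docker command escaping fix."""
    v = parse_version(version)
    if v >= _NEWEST_FIXED:  # 2.296.2 itself or anything released after it
        return True
    for fixed in _FIXED:
        if fixed[:2] == v[:2]:  # same major.minor series as a backport
            return v[2] >= fixed[2]
    return False  # older series with no backported fix


def triage(versions: Iterable[str]) -> Dict[str, str]:
    """Label each reported runner version (e.g. from a fleet inventory)."""
    return {v: ("patched" if is_patched(v) else "vulnerable") for v in versions}


if __name__ == "__main__":
    # Constructed sample inventory, not real runner data.
    for ver, status in triage(["2.296.1", "2.293.1", "2.290.0", "2.297.0"]).items():
        print(f"{ver}: {status}")
```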
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
Improper neutralization of special elements used in an OS command (OS command injection)
Vulnerability Title
GitHub Actions Runner OS command injection vulnerability
Vulnerability Description
GitHub Actions Runner is the application that runs jobs from GitHub Actions workflows. GitHub Actions Runner contains a security vulnerability that stems from a logic error which allows an input to escape the environment variable and directly modify the docker command invocation; jobs that use container actions, job containers, or service containers together with untrusted user input in environment variables may be vulnerable. The following products and versions are affected: version 2.296.2, version 2.293.1, version 2.289.4, version 2.285.2, and version 2.283.4.
CVSS Information
N/A
Vulnerability Type
N/A