Aqua Security Trivy Action Command Injection Vulnerability
Vulnerability
A command injection vulnerability has been identified in Aqua Security's Trivy Action, specifically in versions 0.31.0 through 0.33.1. The issue arises from improper handling of action inputs when exporting environment variables. The action writes user-supplied inputs to a file named 'trivy_envs.txt' without adequate shell escaping. This allows attacker-controlled input containing shell metacharacters to be evaluated as commands when the file is sourced in 'entrypoint.sh'. As a result, arbitrary commands could be executed within the context of the GitHub Actions runner. The vulnerability is exploitable when a workflow passes untrusted data into action inputs that are written to 'trivy_envs.txt'.
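As an added example (not the Trivy Action's own code), the following shows the hardened pattern for writing untrusted action inputs into an env file that an entrypoint script later sources: every value is single-quoted so shell metacharacters stay literal, and variable names are validated. The file name, the TRIVY_PR_TITLE variable and the sample input are assumptions for illustration.

```shell
#!/bin/sh
# Added example, not code from the Trivy Action itself: write user-supplied
# inputs into an env file that is later sourced by an entrypoint script
# without letting shell metacharacters be evaluated.
# File and variable names are assumptions for illustration.
#
# Vulnerable pattern (for contrast, not executed here):
#   echo "export $name=$value" >> trivy_envs.txt
# When sourced, a value containing $(...), a stray ' or a ; is interpreted.

set -eu

# Wrap a value in single quotes; each embedded single quote becomes '\''
# (close the quote, escaped literal quote, reopen). Inside single quotes
# the shell treats $, `, ;, & and friends as plain text when sourced.
# Note: command substitution drops a trailing newline from the value.
shell_quote() {
    printf "'%s'" "$(printf '%s' "$1" | sed "s/'/'\\\\''/g")"
}

# Append "export NAME='value'" to the env file. The name is checked to be a
# plain identifier so nothing but a variable can reach the left-hand side.
write_env_var() {
    file=$1; name=$2; value=$3
    if ! printf '%s' "$name" | grep -Eq '^[A-Za-z_][A-Za-z0-9_]*$'; then
        echo "refusing to export invalid variable name: $name" >&2
        return 1
    fi
    printf 'export %s=%s\n' "$name" "$(shell_quote "$value")" >> "$file"
}

# Source the generated file in a subshell and print TRIVY_PR_TITLE, the way
# an entrypoint would consume it; the value round-trips as literal text.
demo() {
    tmp=$(mktemp)
    # Constructed untrusted input: a PR title carrying shell metacharacters.
    input="release v1'; \$(echo INJECTED); echo 'x"
    write_env_var "$tmp" TRIVY_PR_TITLE "$input"
    ( . "$tmp"; printf '%s' "$TRIVY_PR_TITLE" )
    rm -f "$tmp"
}
```

Run `demo` to see the metacharacter-laden title come back unchanged; with the unquoted pattern in the comment, sourcing the file would instead evaluate it.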
Impact
Exploitation of this vulnerability could lead to arbitrary command execution in the CI runner environment.
Reproduction
To reproduce this vulnerability, create a GitHub Actions workflow that uses Aqua Security's Trivy Action version 0.33.1. Pass untrusted input, such as pull request metadata that includes shell syntax, into an action parameter that is written to 'trivy_envs.txt'. When the action runs, the injected commands execute in the GitHub Actions runner environment.
Remediation
Users can upgrade to Aqua Security Trivy Action version 0.34.0 or later, which includes a patch for this vulnerability. Instructions for updating the action can be found in the Trivy Action repository on GitHub.
