VDB
GCVE-110-CLOUD-2022-0009
GCVE-110-CLOUD-2022-0009
Advisory Published
A vulnerability in the GitHub Actions Runner allowed untrusted inputs in environment variables to escape and modify docker command invocations. This affected jobs using container actions, job containers, or service containers. The issue has been patched in multiple versions of the runner.
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| GitHub | GitHub Actions | — | — |
| GitHub | Cloud Services | — | — |
Aliases
Browse GCVE Records
73,834 records in the GCVE database · Updated July 19, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.