Uniget Org · Cli · CVE-2026-45152
**Name of the Vulnerable Software and Affected Versions**
uniget versions prior to 0.27.1
**Description**
A command injection issue exists in uniget, a universal installer and updater for container tools. The problem occurs because the `check` field from JSON metadata files is loaded and executed using `/bin/bash -c` without proper validation or sanitization. An attacker can craft malicious metadata to execute arbitrary shell commands with the privileges of the user running the software when performing operations such as `describe`, `install`, `update`, or `inspect`. This is specifically triggered within the `RunVersionCheck()` function, where the `tool.Check` variable is passed directly to the shell, allowing shell metacharacters to be interpreted.
**Recommendations**
Update to version 0.27.1.
As a temporary workaround, avoid using metadata files from untrusted sources to prevent the execution of malicious commands via the `check` field.
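To support the workaround above, a metadata file can be audited before it is handed to uniget. The following is an added example, not code from uniget: it parses a metadata file without executing anything and lists every tool whose `check` value contains syntax that `/bin/bash -c` would interpret. The `tools`/`name`/`check` layout, the token list, and the names `AuditChecks` and `Finding` are assumptions made for illustration.

```go
package main

import (
	"encoding/json"
	"fmt"
	"strings"
)

// Finding names a tool whose check value contains shell syntax.
type Finding struct {
	Tool   string
	Tokens []string
}
// Sequences that /bin/bash -c interprets as syntax rather than literal text.
var shellTokens = []string{"$(", "`", ";", "|", "&", ">", "<", "\n"}

// Constructed sample; the "tools"/"name"/"check" layout is an assumption.
const sample = `{"tools":[
  {"name":"alpha","check":"alpha --version"},
  {"name":"beta","check":"beta --version; echo constructed-marker"}]}`

// AuditChecks parses metadata without executing anything and returns every
// tool whose check value would be more than a plain command under bash.
func AuditChecks(raw []byte) ([]Finding, error) {
	var md struct {
		Tools []struct {
			Name  string `json:"name"`
			Check string `json:"check"`
		} `json:"tools"`
	}
	if err := json.Unmarshal(raw, &md); err != nil {
		return nil, fmt.Errorf("parse metadata: %w", err)
	}
	var findings []Finding
	for _, t := range md.Tools {
		var hits []string
		for _, tok := range shellTokens {
			if strings.Contains(t.Check, tok) {
				hits = append(hits, tok)
			}
		}
		if len(hits) > 0 {
			findings = append(findings, Finding{t.Name, hits})
		}
	}
	return findings, nil
}

func main() { fmt.Println(AuditChecks([]byte(sample))) }
```

A flagged entry is a prompt for manual review of that `check` value, not proof that the metadata is malicious.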