Golang-Not-Rust

**Name of the Vulnerable Software and Affected Versions** act versions prior to 0.2.86 **Description** act unconditionally processes the deprecated `::set-env::` and `::add-path::` workflow commands, which GitHub Actions disabled due to environment injection risks. When a workflow step echoes untrusted data to standard output, an attacker can inject these commands to set arbitrary environment variables or modify the PATH for all subsequent steps in the job. This makes `act` less secure than GitHub Actions for the same workflow file. Exploitation can occur through malicious pull request titles, branch names, or commit messages if these are echoed to standard output. Successful exploitation can lead to command injection via environment variables like `LD PRELOAD`, `NODE OPTIONS`, `PYTHONPATH`, `BASH ENV`, and `PERL5OPT`, PATH hijacking, and cross-step escalation. The vulnerable code resides in `pkg/runner/command.go`, lines 52-58, where there is no check for the `ACTIONS ALLOW UNSECURE COMMANDS` environment variable. **Recommendations** Update to act version 0.2.86 or later.

**Name of the Vulnerable Software and Affected Versions** BentoML versions prior to 1.4.37 **Description** BentoML is a Python library used for building online serving systems for AI applications and model inference. A flaw exists where the `docker.system packages` field within the `bentofile.yaml` file does not properly sanitize arbitrary strings before they are interpolated into Dockerfile `RUN` commands. Because this field is intended to hold a list of OS package names (data), it is not expected to be interpreted as shell commands. This allows a malicious `bentofile.yaml` file to achieve arbitrary command execution during the `bentoml containerize` or `docker build` process. The issue resides in several components including `src/ bentoml sdk/images.py`, `src/bentoml/ internal/container/frontend/dockerfile/templates/base debian.j2`, `src/bentoml/ internal/bento/build config.py`, and all distro install commands in `src/bentoml/ internal/container/frontend/dockerfile/ init .py`. The impact of this issue includes potential compromise of malicious repositories, CI/CD pipelines, BentoCloud infrastructure, and the BentoML ecosystem's supply chain. The `system packages` field values are treated as data by the user but are directly formatted into shell commands in the Dockerfile without proper escaping. **Recommendations** Versions prior to 1.4.37: Implement input validation for the `system packages` field in `build config.py` using a regular expression to ensure package names only contain alphanumeric characters, dots, plus signs, hyphens, underscores, and colons. Versions prior to 1.4.37: Apply `shlex.quote()` to each package name before interpolation in `images.py:system packages()` and apply the `bash quote` Jinja2 filter in `base debian.j2`.