GitLab – GitLab-Runner on Windows `DOCKER_AUTH_CONFIG` container host Command Injection


HackerOne bug report to GitLab: GitLab-Runner, when running on Windows with a docker executor, is vulnerable to Command Injection via the DOCKER_AUTH_CONFIG build variable. Injected commands are executed on the container host, not within a Docker container, as such could compromise all future builds which are executed by the runner.



Source link