
chore(deps): update aquasecurity/trivy-action action to v0.34.0 [security]#564

Merged
renovate[bot] merged 2 commits intomainfrom
renovate/github-tags-aquasecurity-trivy-action-vulnerability
Mar 2, 2026

Conversation

@renovate
Contributor

@renovate renovate bot commented Mar 2, 2026

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| aquasecurity/trivy-action | action | minor | 0.33.1 -> 0.34.0 |

Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

GitHub Vulnerability Alerts

CVE-2026-26189

Command Injection in aquasecurity/trivy-action via Unsanitized Environment Variable Export

A command injection vulnerability exists in aquasecurity/trivy-action due to improper handling of action inputs when exporting environment variables. The action writes export VAR=<input> lines to trivy_envs.txt based on user-supplied inputs and subsequently sources this file in entrypoint.sh.

Because input values are written without appropriate shell escaping, attacker-controlled input containing shell metacharacters (e.g., $(...), backticks, or other command substitution syntax) may be evaluated during the sourcing process. This can result in arbitrary command execution within the GitHub Actions runner context.

Severity:

Moderate

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N

CWE-78: Improper Neutralization of Special Elements used in an OS Command (‘OS Command Injection’)

Impact:

Successful exploitation may lead to arbitrary command execution in the CI runner environment.

Affected Versions:

  • Versions >= 0.31.0 and <= 0.33.1
  • Introduced in commit 7aca5ac

Affected Conditions:

The vulnerability is exploitable when a consuming workflow passes attacker-controlled data into any action input that is written to trivy_envs.txt. Access to user input is required by the malicious actor.

A representative exploitation pattern involves incorporating untrusted pull request metadata into an action parameter. For example:

```yaml
- uses: aquasecurity/trivy-action@0.33.1
  with:
    # untrusted pull request title interpolated into an action input
    output: "trivy-${{ github.event.pull_request.title }}.sarif"
```

If the pull request title contains shell syntax, it may be executed when the generated environment file is sourced.

Not Affected:

  • Workflows that do not pass attacker-controlled data into trivy-action inputs
  • Workflows that upgrade to a patched version that properly escapes shell values or eliminates the source ./trivy_envs.txt pattern
  • Workflows where user input is not accessible.

Call Sites:

  • action.yaml:188 - set_env_var_if_provided writes unescaped export lines
  • entrypoint.sh:9 - sources ./trivy_envs.txt

Release Notes

aquasecurity/trivy-action (aquasecurity/trivy-action)

v0.34.0

Compare Source

What's Changed

Full Changelog: aquasecurity/trivy-action@0.33.1...0.34.0


Configuration

📅 Schedule: Branch creation - "" in timezone America/Vancouver, Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.



This PR was generated by Mend Renovate. View the repository job log.
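The export-then-source pattern the advisory describes, next to a version that single-quotes each value before it is written, as an added example (this is not trivy-action's own code; the function names and the benign sample input are assumptions made for the demonstration):

```shell
# Added example, not code from trivy-action: the unsafe "export VAR=<input>" pattern
# described in the advisory next to a version that single-quotes the value before
# the file is sourced. Function names are assumed for this example.

# Vulnerable pattern: the raw input lands unquoted in a line that is later sourced,
# so any command substitution inside it is evaluated by the shell.
write_env_unsafe() {  # $1 = file, $2 = variable name, $3 = value
  printf 'export %s=%s\n' "$2" "$3" >> "$1"
}

# Single-quote a string for the shell: wrap it in '...' and turn each ' into '\''.
shell_quote() {
  printf "'%s'" "$(printf '%s' "$1" | sed "s/'/'\\\\''/g")"
}

# Hardened pattern: the value is quoted, so it is assigned literally when sourced.
write_env_safe() {    # $1 = file, $2 = variable name, $3 = value
  printf 'export %s=%s\n' "$2" "$(shell_quote "$3")" >> "$1"
}

# Source the generated file in a subshell and print what the variable holds afterwards.
env_value_after_source() {  # $1 = file, $2 = variable name
  ( unset "$2"; . "$1"; eval "printf '%s' \"\$$2\"" )
}

# Constructed, benign input: if the substitution runs, "INJECTED" appears in the value.
INPUT='trivy-$(echo INJECTED).sarif'

demo() {
  tmp=$(mktemp -d)
  write_env_unsafe "$tmp/unsafe.txt" TRIVY_OUTPUT "$INPUT"
  write_env_safe   "$tmp/safe.txt"   TRIVY_OUTPUT "$INPUT"
  printf 'unsafe: %s\n' "$(env_value_after_source "$tmp/unsafe.txt" TRIVY_OUTPUT)"
  printf 'safe:   %s\n' "$(env_value_after_source "$tmp/safe.txt" TRIVY_OUTPUT)"
  rm -rf "$tmp"
}
demo
```

The unsafe file yields `trivy-INJECTED.sarif` because the substitution ran while sourcing; the quoted file yields the input string unchanged.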


Thanks for the PR!

Any successful deployments (not always required) will be available below.
API available
Frontend available

Once merged, code will be promoted and handed off to following workflow run.
Main Merge Workflow

@renovate renovate bot enabled auto-merge (squash) March 2, 2026 00:03
@renovate renovate bot merged commit c7f3ebf into main Mar 2, 2026
9 of 10 checks passed
@renovate renovate bot deleted the renovate/github-tags-aquasecurity-trivy-action-vulnerability branch March 2, 2026 01:29