Using GitHub Actions ? Be Aware of this High-Severity Injection Bug Found in GitHub Actions

Felix Wilhelm of Google Project Zero found an injection Vulnerability affecting GitHub Actions and Workflow Commands specifically related to setting malicious environment variables by parsing STDOUT Resources https://github.blog/changelog/2020-10-01-github-actions-deprecating-set-env-and-add-path-commands/ https://bugs.chromium.org/p/project-zero/issues/detail?id=2070&can=2&q=&colspec=ID%20Type%20Status%20Priority%20Milestone%20Owner%20Summary&cells=ids https://www.zdnet.com/article/google-to-github-times-up-this-unfixed-high-severity-security-bug-affects-developers/