AIKIDO-2026-11014
pydantic-ai-backend is vulnerable to Command Injection
84
High Risk
This Affects:
pydantic-ai-backendTL;DR
The Dockerfile generator improperly interpolated untrusted runtime inputs such as package names, environment variables, setup commands, and working directory values directly into RUN, ENV, and WORKDIR instructions without sufficient validation or escaping. This could allow command injection during container image build, potentially resulting in arbitrary command execution in the build environment. An attacker able to control these runtime values could supply crafted input such as shell metacharacters or chained commands to execute unintended operations, modify the generated image, exfiltrate secrets available at build time, or disrupt the build process. The issue is mitigated by strict input validation, safe quoting, and rejection of dangerous characters and multiline payloads.
Who does this affect?
You are affected if you are using a version that falls within the vulnerable range and if you run workflows that generate Dockerfiles from untrusted runtime inputs (package names, env keys/values, setup commands, or work_dir).
Background info
pydantic-ai-backend is vulnerable to Command Injection in versions 0.1.0 - 0.2.9.
How to fix this
Upgrade the pydantic-ai-backend library to the patch version.
Are You Affected?
Connect your repositories to instantly see whether vulnerable or malicious packages exist in your codebase.
Free. No credit card required.
SOC 2Compliant
ISO 27001Compliant