For a few days earlier this year, rogue GitHub apps could have hijacked countless repos

admin June 22, 2022

2 Less than a minute

A GitHub bug could have been exploited earlier this year by connected third-party apps to hijack victims’ source-code repositories. For almost a week in late February and early March, rogue applications could have generated scoped installation tokens with elevated permissions, allowing them to gain otherwise unauthorized write or administrative access to developers’ repos. For example, if an app was granted read-only access to an organization or individual’s code repo, the app could effortlessly escalate that to read-write access.

admin June 22, 2022

2 Less than a minute

For a few days earlier this year, rogue GitHub apps could have hijacked countless repos

Leave a Reply Cancel reply

Affordable Technology Support for Small Business: PB4HOST

Chef and Influencer Nehal Karkera Set to Enter OneRare, the World's First Foodverse

Bajaj Housing Finance Announces Home Loan Interest Rate Change; Offers One of the Most Competitive Rates Starting at 7.20 percent* p.a.

Related Articles

Ubuntu 22.10 Gets First Kernel Security Update to Address Recent Wi-Fi Stack Vulnerabilities

Ubuntu 22.10 Review: Very Modern But Nothing’s Perfect

How to monitor VMware vSphere with Checkmk

Debian-Based SparkyLinux 2022.10 Rolling ISOs Updated with Linux Kernel 6.0 by Default

Leave a Reply Cancel reply

Adblock detected