Now that GitHub has launched a bug bounty program, many security researchers are taking a crack at the code repository. One of them is Egor Homakov, who has managed to gain access to private GitHub repositories by using a combination of 5 low-severity flaws. Separately, the 5 vulnerabilities cant be exploited to cause too much damage, but when combined, they result in a high-severity exploit. GitHub fixed the vulnerabilities shortly after they were reported by …
Comments are closed.
