Neowin: Google discloses ‘high’ severity security flaw in GitHub

Neowin: Google discloses ‘high’ severity security flaw in GitHub. “The vulnerability has been classified as a ‘high’ severity issue by Google Project Zero. We’ll spare you the nitty-gritty technical details – and you’re free to view them in detail here if you want – but the meat of the matter is that workflow commands in GitHub Actions are extremely vulnerable to injection attacks.”

Leave a Reply