We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
There was an error while loading. Please reload this page.
An attacker can execute arbitrary code in the context of a GitHub runner by creating a specially crafted GitHub issue.
This issue is patched in gajira-create version 2.0.1.
There are no known workarounds.
GitHub Security Lab advisory GHSL-2020-172
JarLob Analyst
Impact
An attacker can execute arbitrary code in the context of a GitHub runner by creating a specially crafted GitHub issue.
Patches
This issue is patched in gajira-create version 2.0.1.
Workarounds
There are no known workarounds.
References
GitHub Security Lab advisory GHSL-2020-172