If you write a nice CodeQL query and propose it to the open source community, you can get not one, but TWO bounty rewards from the Security Lab. We're making changes to the Bug Slayer bug bounty program: securitylab.github.com/research/new-b

GitHub Security Lab

@GHSecurityLab

19h

GHSL-2020-183: Arbitrary command injection in GitHub workflows of Checkstyle

securitylab.github.com

GHSL-2020-183: Arbitrary command injection in GitHub workflows of Checkstyle

The diff_report.yml and site.yml GitHub workflows are vulnerable to arbitrary command injection.

GitHub Security Lab

@GHSecurityLab

20h

GHSL-2021-099: ReDoS (Regular Expression Denial of Service) in Solidus - CVE-2021-43805

securitylab.github.com

GHSL-2021-099: ReDoS (Regular Expression Denial of Service) in Solidus - CVE-2021-43805

A user of the system can provide an email address containing a specifically crafted string that will trigger a ReDoS vulnerability when checking out an order.

GitHub Security Lab

@GHSecurityLab

20h

GHSL-2021-1045: Cross-Site Scripting (XSS) in jQuery MiniColors Plugin - CVE-2021-32850

securitylab.github.com

GHSL-2021-1045: Cross-Site Scripting (XSS) in jQuery MiniColors Plugin - CVE-2021-32850

jQuery MiniColors Plugin is prone to XSS when handling untrusted color names.

GitHub Security Lab

@GHSecurityLab

20h

GHSL-2021-1047: Cross-Site Scripting (XSS) in Mind-elixir - CVE-2021-32851

securitylab.github.com

GHSL-2021-1047: Cross-Site Scripting (XSS) in Mind-elixir - CVE-2021-32851

Mind-elixir is prone to XSS when handling untrusted menus.

Topics to follow

Carousel

GitHub Security Lab

@GHSecurityLab

20h

GHSL-2021-1053: Path traversal in Grafana REST API - CVE-2021-43813, CVE-2021-43815

securitylab.github.com

GHSL-2021-1053: Path traversal in Grafana REST API - CVE-2021-43813, CVE-2021-43815

A path traversal vulnerability was found in Grafana REST API

GitHub Security Lab

@GHSecurityLab

21h

We know everyone is busy right now, so here's 3 minutes on how to prevent arbitrary file reads in our new #SecurityBites github.co/31S9sjb

GitHub Security Lab Retweeted

KringleCon

@KringleCon

Dec 14

Establish strong rules of engagement 📋 Make reporting actionable ☑️ Notify users 🔔 A guide to disclosing security vulnerabilities to #opensource projects with Nancy Gariché of

@GHSecurityLab

youtube.com

Watch KringleCon On Demand

GitHub Security Lab

@GHSecurityLab

Dec 14

Learn how to define robust project security requirements in the new installment of our OWASP proactive controls series

github.blog

How to define security requirements for your OSS project | The GitHub Blog

Defining your security requirements is the most important proactive control you can implement for your project. Here's how.

GitHub Security Lab Retweeted

Kevin Backhouse

@kevin_backhouse

Dec 13

PoC video for Ubuntu accountsservice CVE-2021-3939. It's not quick, but it gets you a root shell eventually. securitylab.github.com/research/ubunt

0:28

3.9K views

GitHub Security Lab

@GHSecurityLab

Dec 13

"Exploits are really the closest thing to magic spells we have in this world" according to Halvar Flake.

@kevin_backhouse

demystifies an exploit of a double-free vulnerability in Ubuntu github.co/3pVse0G

248

GitHub Security Lab

@GHSecurityLab

Dec 10

GHSL-2021-113: ReDoS (Regular Expression Denial of Service) in JS Beautifier

securitylab.github.com

GHSL-2021-113: ReDoS (Regular Expression Denial of Service) in JS Beautifier

JS Beautifier contains a regular expression that is vulnerable to ReDoS (Regular Expression Denial of Service).

GitHub Security Lab

@GHSecurityLab

Dec 9

Make sure the code you run is actually the code you wrote! Learn about preventing injection vulnerabilities in your code in this installment of #SecurityBites github.co/3oBFpEQ