This site may contain outdated or incomplete information.
GitHub Ruby on Rails Repository Hack
The GitHub repository for the Ruby on Rails was compromised by an ethical hacker using a vulnerability in the GitHub API.
Impact
The Rails repository had an unauthorized commit added to it. GitHub responded rapidly by fixing the vulnerability and the Rails maintainers removed the commit. GitHub also improved its responsible disclosure mechanisms to enable security researchers to submit issues without resorting to actually exploiting the vulnerability.
Type of Compromise
Source Code and Dev Tooling
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.