Bas van Schaik 💙

RT @[email protected]

Thanks to @[email protected] and @[email protected] for helping us by reporting a serious security vulnerability.

We take security very seriously and managed to patch the issue within one hour. You can find more details about the vulnerability in the quoted article. https://twitter.com/GHSecurityLab/status/1593316548986507265

🐦🔗: https://twitter.com/CircuitVerse/status/1597938555405619201

GitHub Security Lab on Twitter

“GHSL-2022-069: Remote Code Execution (RCE) in CircuitVerse - CVE-2022-36038 https://t.co/IHEt95hdVU”

Twitter
Dec 1, 2022 at 8:38amMastodon Twitter Crossposter
Show threadBas van Schaik 💙Dec 1, 2022
Great find by the CodeQL analysis engine! Ruby support is now GA. By enabling GitHub code scanning with CodeQL, anyone can now automagically catch such vulnerabilities at PR time! 🚀