Login
Roast topics
Find topics
Find it!
From:
Adnan Khan's Blog
(Uncensored)
subscribe
The Monsters in Your Build Cache – GitHub Actions Cache Poisoning – Adnan Khan's Blog
https://adnanthekhan.com/2024/05/06/the-monsters-in-your-build-cache-github-actions-cache-poisoning/
links
backlinks
Tagged with:
github
devops
cicd
bug-bounty
bugbounty
github-actions
supplychain
Roast topics
Find topics
Roast it!
GitHub Actions caching has some insecure design decisions that allow for some unique attacks. It’s considered working as intended, but there are many ways it can go wrong. Learn how I identif…