GitHub describes how it fixed and investigated a critical remote-code-execution vulnerability in the git push pipeline, including a bug bounty-assisted report and no evidence of exploitation.
Securing the git push pipeline: Responding to a critical remote code execution vulnerability
GitHub describes how it fixed and investigated a critical remote-code-execution vulnerability in the git push pipeline, including a bug bounty-assisted report and no evidence of exploitation.
Source: GitHub Blog