2017: GitHub Remote Code Execution
In early 2017, exablue founder and CEO Markus Fenske revealed a serious security flaw in GitHub. He was awarded $ 18,000 by GitHub for disclosure.
Our blog article shows the technical details of it's discovery and the subsequent exploitation of the issue.
The discovery was taken up by the press.
You can read an article in German IT news website Heise.de.
A more detailed report in English can be found on the official GitHub homepage. GitHub-Homepage.
Another article in English is published here: ZDNet.
Further reports about the vulnerability are can be found on: