Gallery

Contacts

405 W. Greenlawn Ave Lansing, Michigan 48910

contact@techjacksolutions.com

+1-616-320-4064

A Server-Side Request Forgery vulnerability in GitHub Enterprise Server allows an attacker to force the server to make internal HTTP requests, potentially exposing signing secrets and private keys stored as environment variables. Organizations running GitHub Enterprise Server with the GitHub Packages feature enabled are at risk. If exploited, this vulnerability could expose cryptographic keys and secrets that protect software signing pipelines, internal services, and code integrity processes.

Author

Tech Jacks Solutions