You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Cycode discovered a CI/CD misconfiguration in the Bazel repo, which if exploited could have allowed an attacker to enact a supply chain attack against all Bazel users, which includes Google themselves and probably GCP (https://bazel.build/community/users#google).
Summary (give a brief description of the issue)
Cycode discovered a CI/CD misconfiguration in the Bazel repo, which if exploited could have allowed an attacker to enact a supply chain attack against all Bazel users, which includes Google themselves and probably GCP (https://bazel.build/community/users#google).
References (provide links to blogposts, etc.)
https://cycode.com/blog/cycode-discovers-a-supply-chain-vulnerability-in-bazel/
The text was updated successfully, but these errors were encountered: