GitHub `Kernel#send()` Flaw Exposed Secrets and Enabled GHES RCE Path
A vulnerability tracked as CVE-2024-0200 allowed attackers with organization owner privileges to abuse an unsafe Ruby Kernel#send() call in GitHub’s organization repository settings flow and invoke unintended zero-argument methods on Repository objects. Researchers showed the bug could be used to trigger Repository::GitDependency#nw_fsck() and leak roughly 2 MB of environment variables from a production GitHub.com container, exposing access keys, secrets, and internal configuration because spawned git processes inherited the parent environment.
The issue affected GitHub.com and GitHub Enterprise Server (GHES) instances with GitHub Actions enabled, but the impact was more severe on GHES. STAR Labs reported that leaked variables on GHES could include ENTERPRISE_SESSION_SECRET and other Marshal-related secrets, which could be chained with forged Rails session cookies and an unsafe Marshal.load path to achieve remote code execution. GitHub hotfixed GitHub.com on December 26, 2023, and released a patch and advisory for GHES on January 16, 2024. Recommended mitigations included allowlisting the rid_key parameter instead of passing it to send(), passing only the environment variables git needs to spawned git processes, rotating any exposed secrets, and monitoring repository_items requests for rid_key values outside the expected set.
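The following Ruby is an added example, not GitHub's code and not from the STAR Labs write-up: it shows the unsafe-reflection pattern the advisory describes (a request parameter fed to Kernel#send) next to an allowlisted version, a minimal environment for child git processes, and a log check for abnormal rid_key values. The Repository class, its methods, the allowlists and the log lines are all constructed stand-ins, not GitHub internals.

```ruby
# Added example (not GitHub's code): the unsafe-reflection pattern behind
# CVE-2024-0200 beside a hardened version, plus two mitigations from the
# advisory summary: scrubbing the environment handed to spawned git
# processes and flagging abnormal rid_key values in request logs.
# Class, method and allowlist names are illustrative, not GitHub internals.

class Repository
  attr_reader :name

  def initialize(name)
    @name = name
  end

  def id
    @name.hash
  end

  def ssh_url
    "git@example.invalid:#{@name}.git"
  end

  # A zero-argument method the settings page was never meant to reach;
  # stands in for something like nw_fsck that spawns git with the parent ENV.
  def nw_fsck
    "fsck output plus inherited ENV (#{ENV.size} vars)"
  end
end

# VULNERABLE: the request parameter selects the method. Any zero-argument
# method on the object (private ones too, since send ignores visibility,
# and everything inherited from Object) becomes reachable to an org owner.
def repo_item_vulnerable(repo, rid_key)
  repo.send(rid_key)
end

# HARDENED: accept only a fixed set of keys, and use public_send so that
# even a mistaken allowlist entry cannot reach a private method.
RID_KEYS = %w[id name ssh_url].freeze

def repo_item_hardened(repo, rid_key)
  raise ArgumentError, "unknown rid_key: #{rid_key.inspect}" unless RID_KEYS.include?(rid_key)
  repo.public_send(rid_key)
end

# Environment for child git processes: start from nothing and copy only what
# git needs, so credentials in the parent ENV are not inherited. Use it as
# Process.spawn(minimal_git_env, "git", "fsck", unsetenv_others: true).
GIT_ENV_ALLOWLIST = %w[PATH HOME LANG GIT_DIR GIT_CONFIG_NOSYSTEM].freeze

def minimal_git_env(parent_env = ENV.to_h)
  parent_env.select { |k, _| GIT_ENV_ALLOWLIST.include?(k) }
end

# Detection: return rid_key values on repository_items requests that are not
# in the allowlist. Log lines below are constructed for this example.
def suspicious_rid_keys(log_lines, allow = RID_KEYS)
  log_lines.filter_map do |line|
    next unless line.include?("/repository_items")
    key = line[/rid_key=([^&\s]+)/, 1]
    next if key.nil? || allow.include?(key)
    key
  end
end

SAMPLE_LOG = [
  "GET /orgs/acme/settings/actions/repository_items?rid_key=name 200",
  "GET /orgs/acme/settings/actions/repository_items?rid_key=nw_fsck 500",
  "GET /orgs/acme/settings/actions/repository_items?rid_key=instance_variables 200",
  "GET /orgs/acme/settings/profile 200",
].freeze

if __FILE__ == $PROGRAM_NAME
  repo = Repository.new("acme/widgets")
  puts repo_item_vulnerable(repo, "nw_fsck")   # any method name works here
  puts repo_item_hardened(repo, "name")
  begin
    repo_item_hardened(repo, "nw_fsck")
  rescue ArgumentError => e
    puts "blocked: #{e.message}"
  end
  p minimal_git_env("PATH" => "/usr/bin", "AWS_SECRET_ACCESS_KEY" => "redacted")
  p suspicious_rid_keys(SAMPLE_LOG)
end
```

The allowlist is a set of strings compared with include?, not a regex or a prefix match, so method names such as instance_variables or nw_fsck cannot slip through; the same list drives the log check so detection and enforcement stay in sync.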
Timeline
Apr 15, 2024
STAR Labs publishes technical write-up of the GitHub vulnerability chain
STAR Labs publicly detailed the vulnerability chain, exploitation method, impact on GitHub.com and GHES, and detection and mitigation recommendations. The write-up described the environment variable disclosure and the GHES path to remote code execution.
Jan 16, 2024
GitHub releases patch and public announcement for CVE-2024-0200
GitHub published a patch and advisory for CVE-2024-0200, covering affected GitHub Enterprise Server deployments. The announcement disclosed the vulnerability and made remediation available to customers.
Jan 16, 2024
Research shows GHES exposure could lead to remote code execution
Analysis of GitHub Enterprise Server showed that leaked environment variables could include ENTERPRISE_SESSION_SECRET or a Marshal-related secret, which could be combined with forged Rails session cookies and an unsafe Marshal deserialization sink to achieve remote code execution. This extended the impact beyond information disclosure on GitHub.com.
Dec 26, 2023
GitHub hotfixes GitHub.com for CVE-2024-0200
GitHub applied a hotfix to GitHub.com during the Christmas holiday period to remediate the vulnerability later assigned CVE-2024-0200. The fix addressed the unsafe method invocation path that enabled environment variable disclosure.
Dec 26, 2023
Vulnerability used to leak GitHub.com container environment variables
The researcher exploited the flaw on GitHub.com by invoking Repository::GitDependency#nw_fsck(), disclosing roughly 2 MB of environment variables from a production git worker container. The leaked data included numerous access keys, secrets, and internal configuration values inherited by spawned git processes.
Dec 26, 2023
Researcher discovers GitHub send() flaw exposing repository method calls
Ngo Wei Lin identified a vulnerability in GitHub's Organizations::Settings::RepositoryItemsComponent where a user-controlled parameter was passed to Ruby's Kernel#send(), enabling zero-argument arbitrary method invocation on Repository-related objects. The issue affected GitHub.com and GitHub Enterprise Server instances with GitHub Actions enabled and required organization owner privileges.
Related Stories

GitHub Patched Critical `git push` RCE Affecting Cloud and Enterprise Server
GitHub disclosed and patched **CVE-2026-3854**, a critical command-injection flaw in its `git push` pipeline that allowed an authenticated user with repository push access to trigger remote code execution using a single crafted push. Wiz reported the bug on March 4, and GitHub said it reproduced the issue within about 40 minutes and deployed a fix to GitHub.com within roughly two hours, later publishing patches for supported GitHub Enterprise Server releases including **3.14.24, 3.15.19, 3.16.15, 3.17.12, 3.18.6, and 3.19.3**. The vulnerability stemmed from unsanitized user-supplied push option values being inserted into internal `X-Stat` headers, enabling attackers to inject trusted metadata, bypass sandboxing, and execute commands as the `git` service user. Researchers said the flaw could have led to **full server compromise** on GitHub Enterprise Server and, on GitHub.com, code execution on shared storage infrastructure where millions of repositories were accessible to the git service account, creating potential cross-tenant exposure. GitHub said forensic analysis and telemetry found **no evidence of malicious exploitation** and no indication that customer data was accessed, modified, or exfiltrated, but urged Enterprise Server administrators to upgrade immediately and review logs for suspicious push activity. Wiz described the bug as easy to exploit and highlighted its use of AI-assisted reverse engineering tools, including **IDA MCP**, to uncover the issue in GitHub’s closed-source components.
3 days ago
Misconfigured `pull_request_target` GitHub Actions enabled supply chain compromises
Researchers reported that insecure GitHub Actions workflows using the privileged `pull_request_target` trigger exposed major open source repositories to secret theft and supply chain abuse. Sysdig found workflows in projects including **MITRE** `mitre-attack/car`, **Splunk** `security_content`, and **spotipy** that checked out and executed untrusted forked pull request code in privileged CI contexts, enabling exfiltration of secrets and abuse of high-permission `GITHUB_TOKEN` access. Spotipy assigned **`CVE-2025-47928`** and fixed the issue after disclosure, MITRE remediated its workflow, and Splunk patched its pipeline. Wiz later described a large-scale campaign dubbed **prt-scan** that weaponized the same weakness across GitHub, sending more than 500 malicious pull requests in multiple waves and using increasingly tailored, AI-assisted payloads against Python, Node.js, Go, Rust, and GitHub Actions projects. Most attempts were blocked by contributor approval gates and workflow restrictions, but Wiz confirmed compromise of at least two npm packages—**`@codfish/eslint-config`** and **`@codfish/actions`**—across 106 versions, along with theft of credentials including **AWS keys**, **Cloudflare API tokens**, and **Netlify auth tokens**. The incidents underscored that repositories running untrusted PR code under `pull_request_target` can turn CI/CD pipelines into a direct path for secret exposure and downstream package compromise.
2 weeks ago
Multiple Critical Vulnerability Disclosures Across Gogs, Jinjava, and Kubernetes Local Path Provisioner
Several **high-severity vulnerability disclosures** were published across widely used developer and infrastructure components, with impacts ranging from **remote code execution (RCE)** to **account takeover** and **arbitrary host file writes**. In *Gogs* (self-hosted Git service), three CVEs were reported: **CVE-2025-64111** (CVSS 9.3) enables RCE by bypassing checks in `UpdateRepoFile` to modify `.git/config` via the API (described as an insufficient fix for an earlier issue); **CVE-2025-64175** (CVSS 7.7) allows a **cross-account 2FA recovery-code bypass** in versions `0.13.3` and earlier if an attacker already has a victim’s username/password; and **CVE-2026-24135** (CVSS 7.2) is a wiki rename path traversal that can delete arbitrary files by manipulating `old_title`. Separately, *Jinjava* (HubSpot CMS template engine) disclosed **CVE-2026-25526** (CVSS 9.8), a sandbox escape chain that permits arbitrary Java code execution by abusing `ForTag` iteration behavior (Bean ELResolver restriction bypass) and `ObjectMapper`-based JSON deserialization to instantiate disallowed classes. A critical Kubernetes storage issue was also disclosed in *Kubernetes Local Path Provisioner*: **CVE-2025-62878** (CVSS 10.0) allows directory traversal via the `parameters.pathPattern` setting, enabling a user who can create storage resources to provision volumes in arbitrary host locations (e.g., `/etc`) and potentially overwrite sensitive files on cluster nodes. In parallel to these product flaws, separate research reported widespread **exposure of Git metadata** on the public internet—approximately **4.96 million** IPs with accessible `.git` directories and **250,000+** exposing `.git/config` files that may contain deployment credentials—highlighting a common, high-impact misconfiguration pattern that can enable source code reconstruction and secret theft. 
Active exploitation activity was reported for *Ivanti Endpoint Manager Mobile (EPMM)* involving **CVE-2026-1281** and **CVE-2026-1340**, where attackers were observed dropping `/mifs/403.jsp` and using a Base64-delivered Java class loader designed for delayed, in-memory activation rather than immediate interactive webshell use.
1 month ago