OpenAI Codex Had a Command Injection Bug That Could Steal Your GitHub Tokens

Chronological Source Flow
Back

AI Fusion Summary

OpenAI Codex’s command‑injection flaw let attackers craft malicious branch names that injected shell commands, potentially exfiltrating short‑lived GitHub OAuth tokens. The issue spanned web, CLI, SDK, and IDE interfaces and is now patched.
#OpenAI Codex #command injection #GitHub token theft #container security #vulnerability patch #software development.
30/03 23:34 dev.to
2 Πηγές

OpenAI Codex Had a Command Injection Bug That Could Steal Your GitHub Tokens

OpenAI Codexcommand injectionGitHub token theftcontainer securityvulnerability patchsoftware development.
30/03 23:53 hackread.com

OpenAI Codex Vulnerability Allowed Attackers to Steal GitHub Tokens

SECURITYCYBERSECURITYOPENAIPOLITICSUNICODEGITHUB
Comments
Loading...
0