IT Services Circle
Aug 1, 2024 · Information Security
Cross Fork Object Reference (CFOR) Vulnerability: Access to Deleted and Private GitHub Repository Data
Researchers from Truffle Security revealed that GitHub's delete function often fails to truly remove data, exposing a new Cross Fork Object Reference (CFOR) vulnerability that allows anyone with a commit hash to access deleted or private repository data, posing serious security risks.
CFORCommit HashGitHub
0 likes · 11 min read