VDB

GCVE-110-CLOUD-2023-0050

GCVE-110-CLOUD-2023-0050
Advisory Published
Vulnetix · Advisory published March 6, 2023
A vulnerability in GitHub's Repository Security Advisory feature allowed unauthorized users to access plaintext Codespace secrets of any organization, including GitHub itself. The issue stemmed from the new beta feature that allows external users to report vulnerabilities to public repositories, inadvertently granting access to sensitive organization-level secrets.

Affected Products

VendorProductVersionsPlatforms
GitHubCloud Services
GitHubGitHub Codespaces, GitHub Repository Security Advisory

Browse GCVE Records

73,738 records in the GCVE database · Updated July 19, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›