VDB
GCVE-110-CLOUD-2024-0009
GCVE-110-CLOUD-2024-0009
Advisory Published
A technique called "repo swatting" allows attackers to delete GitHub and block GitLab accounts by exploiting file upload features and abuse reporting mechanisms. Attackers upload malicious files to a target's repository, then report the account for hosting malicious content, potentially resulting in account deletion. The vulnerability was partially mitigated by October 2024 via changes in upload URL paths and requirement for each uploader to be authenticated (in GitHub).
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| GitHub | Cloud Services | — | — |
| GitLab | Cloud Services | — | — |
Browse GCVE Records
73,866 records in the GCVE database · Updated July 19, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.