| # | Title | Bug type(s) | Target | Author | Source | Published | Added |
|---|---|---|---|---|---|---|---|
| 4173 | "CI Knew There Would Be Bugs Here" — Exploring Continuous Integration Services as a Bug Bounty Hunter | Information disclosure, CI/CD | NA | EdOverflow (@EdOverflow) | Bug Bounty | 2019-04-26 | 2023-06-13 |
| 1856 | Malicious Kubernetes Helm Charts can be used to steal sensitive information from Argo CD deployments | Supply chain attack, CI/CD | Argo CD | Apiiro’s Security Research | Bug Bounty | 2022-02-03 | 2023-06-13 |
| 1667 | Vulnerable GitHub Actions Workflows Part 1: Privilege Escalation Inside Your CI/CD Pipeline | Privilege escalation, CI/CD | GitHub | Noam Dotan | Bug Bounty | 2022-04-04 | 2023-06-13 |
| 1585 | Vulnerable GitHub Actions Workflows Part 2: Actions That Open the Door to CI/CD Pipeline Attacks | Privilege escalation, CI/CD | NA | Noam Dotan | Bug Bounty | 2022-05-02 | 2023-06-13 |
| 1141 | Google & Apache Found Vulnerable to GitHub Environment Injection | Privilege escalation, CI/CD | Google, Apache | Noam Dotan | Bug Bounty | 2022-09-01 | 2023-06-13 |
| 1116 | Zuckerpunch - Abusing Self Hosted Github Runners at Facebook | CI/CD | Meta / Facebook | Marcus Young | Bug Bounty | 2022-09-06 | 2023-06-13 |
| 1066 | How to hack Github Actions | CI/CD | GitHub | StackOverflowExcept1on | Bug Bounty | 2022-09-19 | 2023-06-13 |
| 1057 | How we Abused Repository Webhooks to Access Internal CI Systems at Scale | CI/CD | NA | Omer Gil (@omer_gil) | Bug Bounty | 2022-09-20 | 2023-06-13 |
| 249 | Remote Code Execution Vulnerability in Azure Pipelines Can Lead To Software Supply Chain Attack | RCE, CI/CD, Supply chain attack | Microsoft (Azure Pipelines) | Nadav Noy | Bug Bounty | 2023-03-30 | 2023-06-13 |
| 189 | Identifying vulnerabilities in GitHub Actions & AWS OIDC Configurations | CI/CD, OpenID Connect | AWS | Rojan Rijal (@uraniumhacker) | Bug Bounty | 2023-04-18 | 2023-06-13 |
| 164 | Stealing GitHub staff's access token via GitHub Actions | CI/CD, Token leak, Privilege escalation, Supply chain attack | GitHub | RyotaK (@ryotkak) | Bug Bounty | 2023-04-22 | 2023-06-13 |
| 139 | Azure Devops CICD Pipelines - Command Injection With Parameters, Variables And A Discussion On Runner Hijacking | CI/CD, OS command injection, RCE | Microsoft (Azure DevOps Pipelines) | Sana Oshika (@bigshika) | Bug Bounty | 2023-05-01 | 2023-06-13 |
| 131 | Exploiting misconfigured Google Cloud Service Accounts from GitHub Actions | OpenID Connect, Cloud, CI/CD | NA | Revblock (@revbl0ck) | Bug Bounty | 2023-05-02 | 2023-06-13 |
| 85 | From GitHub To Account Takeover: Misconfigured Actions Place GCP & AWS Accounts At Risk | Account takeover, Cloud, OpenID Connect, CI/CD | NA | Rezonate | Bug Bounty | 2023-05-16 | 2023-06-13 |
| 64 | Red team: Journey from RCE to have total control of cloud infrastructure | RCE, SSTI, Container escape, Kubernetes, Components with known vulnerabilities, CI/CD | NA | Quang Vo (@mr_r3bot) | Bug Bounty | 2023-05-22 | 2023-06-13 |