Two open-source projects vulnerable to 'GitHub Environment Injection'

Days after Google announced an open source bug bounty program, Legit Security reported supply chain attack vulnerabilities in open-source projects from Google and Apache.

Related Keywords

Philip Odence ,Ryan Kennedy ,Roderick Townsend ,Casey Bisson ,Google ,Source Software Vulnerability Rewards Program ,Legit Security ,Hub Environment ,Github Actions ,Google Firebase ,Both Google ,Black Duck Audit Business ,Synopsys Software Integrity ,