Novel Pipeline Vulnerability Discovered; Rust Found Vulnerable

[[correlate]]

Content source

https://www.legitsecurity.com/blog/artifact-poisoning-vulnerability-discovered-in-rust

The Legit Security Research Team discovered a new class of software supply chain vulnerabilities that leverages artifact poisoning and attacks the underlying software development pipelines for projects using GitHub Actions. In this fourth blog covering vulnerable GitHub Actions, we will explore this new technique of artifact poisoning and describe who could be vulnerable, including how we found this vulnerability in the Rust programming language and assisted in its remediation.

Novel Pipeline Vulnerability Discovered; Rust Found Vulnerable

New software supply chain vulnerabilities use artifact poisoning and attack the software development pipelines on projects using GitHub Actions.

www.legitsecurity.com