Commit Hash | BestHub

IT Services Circle

Aug 1, 2024 · Information Security

Cross Fork Object Reference (CFOR) Vulnerability: Access to Deleted and Private GitHub Repository Data

Researchers from Truffle Security revealed that GitHub's delete function often fails to truly remove data, exposing a new Cross Fork Object Reference (CFOR) vulnerability that allows anyone with a commit hash to access deleted or private repository data, posing serious security risks.

CFORCommit HashGitHub

0 likes · 11 min read

Cross Fork Object Reference (CFOR) Vulnerability: Access to Deleted and Private GitHub Repository Data