GitHub has informed users that it has discovered an “extremely rare, but potentially serious” security bug related to improper handling of authenticated sessions. According to GitHub, the vulnerability existed at various times between February 8 and March 5.
The company said the issue was discovered on March 2, and an initial patch was issued on March 5. A second patch was rolled out on March 8, and on the evening of the same day, the GitHub decided to invalidate all authenticated sessions to fully eliminate the possibility of exploitation.
To Read More: Securityweek