Flaw in Google bug tracker exposed reports about unpatched vulnerabilities

I am surprised we haven’t seen this kind of thing previously. No doubt it has happened before given the value to attackers of this kind of information. The issue was found by a bug hunter as part of Google’s bounty program. Good for them to include the infrastructure for their program as well as Google products and services.

Google’s Issue Tracker contained until recently a vulnerability that would allow an external party access to any unpatched bug listed and described in the database.

Source: Flaw in Google Bug Tracker Exposed Reports About Unpatched Vulnerabilities | Threatpost | The first stop for security news

One Reply to “Flaw in Google bug tracker exposed reports about unpatched vulnerabilities”

Leave a Reply

Your email address will not be published. Required fields are marked *