0.0004 Low
EPSS
Percentile
12.6%
octokit is vulnerable to privilege escalation. The vulnerability exists because the script file uses -rw-rw-rw- (i.e. 0666) permission instead of rw-r--r--(i.e. 0644), allowing an attacker to modify the world-writable files.
-rw-rw-rw-
rw-r--r--
github.com/octokit/octokit.rb/commit/1c8edecc9cf23d1ceb959d91a416a69f55ce7d55
github.com/octokit/octokit.rb/pull/1446
github.com/octokit/octokit.rb/security/advisories/GHSA-g28x-pgr3-qqx6