Results 2 issues of Gandhi

location: https://github.com/square/git-fastclone/tree/master/lib

# Overview of the Vulnerability

The `git-fastclone.rb` script contains insecure file handling practices that can be exploited to perform unauthorized file access and potentially lead to command injection....

### Summary:

An unclaimed AWS S3 bucket has been identified in the [xmind-zen.yml](https://github.com/electron/apps/blob/8d60d0cc3a8f8fd2d75d4c06e2685ad2a4c80494/apps/xmind-zen/xmind-zen.yml#L14) file of the Electron apps repository. The bucket is publicly accessible and unclaimed, allowing an attacker to...