Difference between revisions of "Codecov"

Latest revision as of 08:35, 26 January 2024

Security issue[edit]

Around April 2021, a supply chain attack using code auditing tool codecov allowed hackers limited access to HashiCorp's customers networks.^[1] As a result private credentials were leaked. HashiCorp revoked a private signing key and asked its customers to use a new rotated key.

Related[edit]

See also[edit]

SLSA, slsa-verifier
Sentry, sentry-cli, Sentry self hosted, Sentry Connect Services, Kubernetes, sentry backup, Codecov

↑ "HashiCorp revoked private key exposed in Codecov security breach". VentureBeat. 2021-04-27. Retrieved 2021-08-03.<templatestyles src="Module:Citation/CS1/styles.css"></templatestyles>

[1]

@@ Line 5: / Line 5: @@
 == Security issue ==
 Around April 2021, a [[supply chain attack]] using code auditing tool codecov allowed hackers limited access to [[HashiCorp]]'s customers networks.<ref>{{Cite web|date=2021-04-27|title=HashiCorp revoked private key exposed in Codecov security breach|url=https://venturebeat.com/2021/04/26/hashicorp-revoked-private-key-exposed-in-codecov-security-breach/|access-date=2021-08-03|website=VentureBeat|language=en-US}}</ref> As a result private credentials were leaked. HashiCorp revoked a private signing key and asked its customers to use a new rotated key.
 == Related ==
 * [[SLSA]]
 * [[Sentry]]
+* [[Sourcegraph]]
 == See also ==

Difference between revisions of "Codecov"

Latest revision as of 08:35, 26 January 2024

Security issue[edit]

Related[edit]

See also[edit]

Navigation menu

Personal tools

Namespaces

Variants

Views

More

Search

Navigation

Tools