GitHub header
We are investigating reports of degraded performance.
Incident Report for GitHub
Resolved
On December 26, 2023, GitHub received a report through our Bug Bounty Program demonstrating a vulnerability which, if exploited, allowed access to credentials within a production container. We fixed this vulnerability on GitHub.com the same day and began rotating all potentially exposed credentials. Through this process we found some flaws in how we rotate certain credentials and are working on improving our credential rotation process. More detail can be found on our blog: https://github.blog/2024-01-16-rotating-credentials-for-github-com-and-new-ghes-patches/
Posted Dec 29, 2023 - 02:04 UTC
Update
Users without an existing valid session are unable to login and will see an error page. We are working on a mitigation.
Posted Dec 29, 2023 - 01:41 UTC
Investigating
We are currently investigating this issue.
Posted Dec 29, 2023 - 01:41 UTC