Incident with Pages
Incident
Report for GitHub
Resolved
On December 26, 2023, GitHub received a report through our Bug Bounty Program demonstrating a vulnerability which, if exploited, allowed access to credentials within a production container. We fixed this vulnerability on GitHub.com the same day and began rotating all potentially exposed credentials. Through this process we found some flaws in how we rotate certain credentials and are working on improving our credential rotation process. More detail can be found on our blog: https://github.blog/2024-01-16-rotating-credentials-for-github-com-and-new-ghes-patches/
Update
A recent update to an Action that GitHub Pages deployer service relies on impacted that service, and was corrected and redeployed.
Update
We've identified the cause of some Pages errors and are deploying a mitigating fix now.
Update
We continue to investigate issues with Pages, and will continue to keep users updated on progress towards mitigation.
Update
Pages workflow builds which use the actions actions/upload-pages-artifact@v3 and actions/deploy-pages@v4 are currently failing.
Investigating
We are investigating reports of degraded performance for Pages
This incident affected: Pages.
