A software supply-chain vulnerability has been discovered in Bazel, an open-source tool developed by Google, involving a command injection vulnerability in a custom GitHub Action used by Bazel in its CI/CD workflows.
View full story…
Cycode Discovers Supply-Chain Vulnerability in Google’s Bazel Tool
