Jun 24, 2022

More than 770 million records available through the Travis CI API: Anyone can extract tokens, secrets, and other credentials associated with services like GitHub, AWS, and Docker Hub

Software development and testing platform Travis CI confirmed a second incident exposing its users’ data in less than a year. This time, the exposed records include authentication tokens that would allow access to platforms such as AWS, GitHub, and Docker Hub.

According to a report by Aqua Security, tens of thousands of user tokens were exposed through the Travis CI API, which gives access to more than 770 million records containing multiple types of credentials belonging to free-tier users.

According to the report, Travis CI did not sufficiently protect record numbers, which allows an enumeration script to retrieve an undetermined number of code strings: “This is not easy with other providers since they must mention in the URL a client ID, making it difficult to execute enumeration in the records.”
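A defender-side view of the enumeration described above, as an added example that is not from the original post, Aqua Security, or Travis CI: it flags clients in an access log that walk record numbers in order. The `/logs/<id>` path, the log line layout, and the thresholds are assumptions, and the sample lines are constructed.

```python
import re
from collections import defaultdict

# Constructed access-log lines (not real traffic). Assumed layout:
# "<client> GET /logs/<record number> <status>"
SAMPLE_LOG = [
    "203.0.113.7 GET /logs/4280000 200",
    "198.51.100.20 GET /logs/912 200",
    "203.0.113.7 GET /logs/4280001 200",
    "203.0.113.7 GET /logs/4280002 404",
    "198.51.100.20 GET /repos/42 200",
    "203.0.113.7 GET /logs/4280003 200",
    "198.51.100.20 GET /logs/77120 200",
    "203.0.113.7 GET /logs/4280004 200",
    "203.0.113.7 GET /logs/4280005 200",
    "198.51.100.20 GET /logs/913 200",
    "203.0.113.7 GET /logs/4280006 200",
]

LINE_RE = re.compile(r"^(\S+) GET /logs/(\d+) (\d{3})$")


def longest_sequential_run(ids, max_step=1):
    """Length of the longest run where each ID is 1..max_step above the previous."""
    best = run = 1 if ids else 0
    for prev, cur in zip(ids, ids[1:]):
        run = run + 1 if 0 < cur - prev <= max_step else 1
        best = max(best, run)
    return best


def find_enumerators(lines, min_run=5, max_step=1):
    """Return {client: run_length} for clients walking record numbers in order."""
    per_client = defaultdict(list)
    for line in lines:
        m = LINE_RE.match(line.strip())
        if m:  # skip requests that are not record fetches
            per_client[m.group(1)].append(int(m.group(2)))
    flagged = {}
    for client, ids in per_client.items():
        run = longest_sequential_run(ids, max_step)
        if run >= min_run:  # 404s still count: probing missing IDs is part of a walk
            flagged[client] = run
    return flagged


if __name__ == "__main__":
    print(find_enumerators(SAMPLE_LOG))
```

Raising `max_step` catches walkers that skip IDs; lowering `min_run` trades fewer misses for more false positives from clients that legitimately fetch a few adjacent records.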