Security
AI Meets Git: Unmasking Security Flaws in Qodo Merge
The whole world is talking about AI, and developers are no exception. When a developer hears about a tool that can help them handle git pull requests using AI, it is likely that they will start using it for their open source project.
This is precisely what's happening with Qodo Merge (formerly PR-Agent), an open source tool that can help review and handle git pull requests by using AI to provide feedback and suggestions to developers. It is getting adopted by more and more open source projects, including popular ones.
It is so easy to add new features by relying on external tools, yet the consequences on security can be catastrophic.
Indeed, if the tool contains security vulnerabilities, the project using it may become vulnerable too and may grant anyone permissions to perform unexpected actions without realizing it. But everyone wants to use AI so security may be overlooked.
We found multiple vulnerabilities in Qodo Merge that may lead to privilege escalation on Gitlab, getting write access to Github repositories and leaking Github repository secrets. Additionally we found multiple high profile Github repositories using Qodo Merge with a configuration that makes them vulnerable, such as highly popular projects, government official repositories, self-driving automotive industry projects, blockchains and more.
In this talk we go through what Qodo Merge is, how it can be used, how it works, how it can be exploited, what projects are affected and what are the impacts. We also mention remediation steps to fix these issues.
Qodo (formerly CodiumAI) develops an open source tool called Qodo Merge (formerly PR-Agent). This tool can be setup to automatically analyze pull requests on a Gitlab, Github or Bitbucket project.
Qodo Merge uses AI to perform various tasks that may help a developer handle a pull request, such as:
* Summarizing a pull request
* Suggesting code changes to improve a pull request
* Generating a CHANGELOG file entry for a pull request
* Answering questions about a pull request
* and more
In this talk, we describe vulnerabilities we found in Qodo Merge that may lead to privilege escalation on Gitlab, write access to Github repositories and leaking secrets of Github repositories.
We mention popular open source projects that are vulnerable because they started using Qodo Merge, and discuss how to protect your project from these attacks.
We also talk about the multiple ways we tried to report those vulnerabilities to the developers of Qodo Merge and the lack of a way for security people to contact them. Finally, we describe the current security posture of the project regarding the vulnerabilities we found.
Additional information
| Live Stream | https://streaming.media.ccc.de/38c3/zigzag |
|---|---|
| Type | Talk |
| Language | English |
More sessions
| 12/27/24 |
With the iPhone 15 & iPhone 15 Pro, Apple switched their iPhone to USB-C and introduced a new USB-C controller: The ACE3, a powerful, very custom, TI manufactured chip. But the ACE3 does more than just handle USB power delivery: It's a full microcontroller running a full USB stack connected to some of the internal busses of the device, and is responsible for providing access to JTAG of the application processor, the internal SPMI bus, etc. We start by investigating the previous variant of the ...
|
| 12/27/24 |
In wenigen Wochen werden die Gesundheitsdaten von rund 73 Millionen in Deutschland Krankenversicherten ohne deren Zutun über Praxis- und Krankenhausgrenzen hinweg zentral in einer Akte zusammengeführt - in der [„elektronischen Patientenakte für alle“](https://www.bundesgesundheitsministerium.de/themen/digitalisierung/elektronische-patientenakte/epa-fuer-alle.html). Fortsetzung von 36C3 - [„Hacker hin oder her“: Die elektronische Patientenakte ...
|
| 12/27/24 |
We present fatal security flaws in the HALFLOOP-24 encryption algorithm, which is used by the US military and NATO. HALFLOOP-24 was meant to safeguard the automatic link establishment protocol in high frequency radio, but our research demonstrates that merely two hours of intercepted radio traffic are sufficient to recover the secret key. In the talk, we start with the fundamentals of symmetric key cryptography before going into the details of high frequency radio, HALFLOOP-24, and the ...
|
| 12/27/24 |
PHUZZ is a framework for Coverage-Guided Fuzzing of PHP Web Applications Fuzz testing is an automated approach to vulnerability discovery. Coverage-guided fuzz testing has been extensively researched in binary applications and the domain of memory corruption vulnerabilities. However, many web vulnerability scanners still rely on black-box fuzzing (e.g., predefined sets of payloads or basic heuristics), which severely limits their vulnerability detection capabilities. In this talk, we present our ...
|
| 12/27/24 |
The Chipolo ONE is a Bluetooth tracker built around the Dialog (now Renesas) DA14580 chip. This talk will present the research made on this device, from extracting the firmware from the locked down chip using fault injection up to getting remote code execution over Bluetooth. The talk will also present the disclosure process and how the vendor reacted to an unpatchable vulnerability on their product.
|
| 12/27/24 |
Digital identity solutions, such as proposed through the EU's eIDAS regulation, are reshaping the way users authenticate online. In this talk, we will review the currently proposed technical designs, the impact such systems will have, and provide an outlook on how techniques from modern cryptography can help to improve security and privacy.
|
| 12/27/24 |
Bewegungsdaten von 800.000 E-Autos sowie Kontaktinformationen zu den Besitzern standen ungeschützt im Netz. Sichtbar war, wer wann zu Hause parkt, beim BND oder vor dem Bordell.
|
