A critical remote code execution (RCE) vulnerability in CodeRabbit\u2019s production infrastructure that provided unauthorized access to over one million code repositories, including private ones.\u00a0<\/p>\n
The vulnerability, discovered in December 2024 and responsibly disclosed in January 2025, exploited the platform\u2019s static analysis tool integration to leak sensitive API credentials and gain write access to GitHub repositories through the compromised GitHub<\/a> App private key.\u00a0<\/p>\n CodeRabbit, the most installed AI-assisted app on GitHub Marketplace with over 80,000 installations, quickly remediated the issue within hours of disclosure by disabling the vulnerable Rubocop integration and rotating all potentially compromised credentials.<\/p>\n Kudelski Security reports<\/a> that the vulnerability centered around CodeRabbit\u2019s integration with Rubocop, a Ruby static analyzer that processes .rubocop.yml configuration files submitted through pull requests.\u00a0<\/p>\n Researchers discovered that Rubocop\u2019s extension mechanism could be exploited by crafting a malicious configuration file containing a require: .\/ext.rb directive, which would execute arbitrary Ruby code when CodeRabbit processed the pull request.\u00a0<\/p>\n The exploitation process involved creating a repository with three key files: a .rubocop.yml configuration file, a malicious ext.rb extension file containing payload code, and a dummy Ruby file to trigger Rubocop execution.\u00a0<\/p>\n The payload utilized Ruby\u2019s environment variable access capabilities, specifically ENV.to_h, to exfiltrate sensitive data via HTTP POST requests to an attacker-controlled server at a designated IP address.<\/p>\n The successful exploitation yielded extensive access to CodeRabbit\u2019s production environment, including critical API keys for services such as Anthropic, OpenAI<\/a>, Langchain, and Pinecone, alongside PostgreSQL database credentials and encryption keys.\u00a0<\/p>\n The most significant compromise involved the GITHUB_APP_PEM_FILE environment variable containing CodeRabbit\u2019s GitHub App private key, which granted write access to all repositories where users had installed the CodeRabbit application.\u00a0<\/p>\n This private key enabled attackers to generate access tokens with comprehensive permissions, including content read\/write, metadata read, pull requests write, and repository administration capabilities across the platform\u2019s 1 million monitored repositories.\u00a0<\/p>\n Using the PyGitHub library and the leaked app ID, attackers could programmatically enumerate installations, list accessible repositories, and clone private repositories, including CodeRabbit\u2019s internal repositories such as coderabbitai\/mono and coderabbitai\/pr-reviewer-saas.<\/p>\n The company disabled Rubocop processing entirely while developing a permanent fix and rotated all potentially compromised credentials<\/a> and API keys within hours of notification.\u00a0<\/p>\n The permanent solution involved relocating Rubocop and other external tools into CodeRabbit\u2019s secure sandbox environment, which had existing isolation mechanisms that somehow excluded Rubocop from protection.\u00a0<\/p>\n Additional security hardening measures included comprehensive system audits, automated sandbox enforcement mechanisms, and strengthened deployment gates to prevent similar incidents.\u00a0<\/p>\n The vulnerability was completely resolved by January 30, 2025, demonstrating the critical importance of proper sandboxing for third-party tool integrations in CI\/CD environments where untrusted code execution presents significant supply chain attack vectors.<\/p>\n The post CodeRabbit\u2019s Production Servers RCE Vulnerability Enables Write Access on 1M Repositories<\/a> appeared first on Cyber Security News<\/a>.<\/p>\n<\/div>\nKey Takeaways<\/mark><\/strong>
1. Malicious .rubocop.yml files executed arbitrary Ruby code on production servers.
2. Leaked GitHub App private key granted write access to 1M+ repositories.
3. CodeRabbit resolved issue within hours by disabling Rubocop and rotating all credentials.<\/pre>\nCodeRabbit\u2019s Rubocop Integration Vulnerability<\/strong><\/h2>\n
Mitigations<\/strong><\/h2>\n
Safely detonate suspicious files to uncover threats, enrich your investigations, and cut incident response time.\u00a0Start with an\u00a0ANYRUN sandbox trial<\/a>\u00a0\u2192\u00a0<\/code><\/strong><\/p>\n
![\"1](\"https:\/\/lh7-rt.googleusercontent.com\/docsz\/AD_4nXfPeaG-8e-23aaymTuO4xjPOmeCKapw9CJAP_ti_lJOD1VTlwa55Oz8pHXf7g7xdCE7yZGIyy3GfpYU2vluKr3MYXqRA-M-7Jh3lDEotkpiLzHH1GZElxLx-8y4hsvC6SBhEsbQ2w?key=TfK8wXXJ41afUTUkxt34Cg\")
![\"\u00a0Illustration](\"https:\/\/lh7-rt.googleusercontent.com\/docsz\/AD_4nXdnLd49LUwbUQruF2RzOsB78vBIRyVzF-yB1kRrSkH8lN_D0lFkcsCYVTWZFfZNz6LxrgK9NcU4VPxO_3uBUVqdSTGf7w_TBkYjJwXzgu9g2SQYQKVSQ-1pO8mnNsJxtHtQfMTOiw?key=TfK8wXXJ41afUTUkxt34Cg\")