dmachard
commented
2 months ago You can address this by making a pull request to remove the exposed credentials if you wish...
Open ROBOT-X-cyber opened 3 months ago
dmachard
commented
2 months ago You can address this by making a pull request to remove the exposed credentials if you wish...
Hi, S3 bucket credentials S3_ACCESS_KEY_ID and S3_SECRET_ACCESS_KEY are exposed in your public github repo.
https://github.com/dmachard/python-pdnsbackup/blob/main/.pdnsbackup.env
Would recommend to remove it immediately for security reasons or misuse of it by malicious actors.
Regards, Abhirup Konwar (BugHunter)