The "GitHub Apps access suspended installations" vulnerability allows certain GitHub Apps to interact with suspended installations using scoped tokens, bypassing intended restrictions. This flaw risks unauthorized access to sensitive information, potentially compromising project security and data integrity.
https://hackerone.com/reports/2484635