@kamilhism discovered that an organization’s OAuth Access Policy (OAP) could be bypassed on the GraphQL API in certain circumstances by fetching a public repository at the end of the query. A single GraphQL request can fetch data within multiple different repositories. As the query executes, instance variables keep track of internal state, such as the repository to which the requested resources belong. These internal variables are then used during the permission checks, which is where OAP is checked. In some cases, these variables tracking internal state weren’t being reset and would stick around during subsequent permission checks for other resources. These later checks would see that a public repository was loaded and skip the OAP checks for certain connections on the organization object since resources in public repositories are accessible to everyone, regardless of your organization’s OAuth Access Policy. We addressed the vulnerability by ensuring the internal state gets reset before and after any permission check is performed.