Github

Github

9 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2021-22861

  • EPSS 0.47%
  • Veröffentlicht 03.03.2021 04:15:13
  • Zuletzt bearbeitet 21.11.2024 05:50:47

An improper access control vulnerability was identified in GitHub Enterprise Server that allowed authenticated users of the instance to gain write access to unauthorized repositories via specifically crafted pull requests and REST API requests. An at...

6.5

CVE-2021-22862

  • EPSS 0.15%
  • Veröffentlicht 03.03.2021 04:15:13
  • Zuletzt bearbeitet 21.11.2024 05:50:47

An improper access control vulnerability was identified in GitHub Enterprise Server that allowed an authenticated user with the ability to fork a repository to disclose Actions secrets for the parent repository of the fork. This vulnerability existed...

8.1

CVE-2021-22863

  • EPSS 0.47%
  • Veröffentlicht 03.03.2021 04:15:13
  • Zuletzt bearbeitet 21.11.2024 05:50:47

An improper access control vulnerability was identified in the GitHub Enterprise Server GraphQL API that allowed authenticated users of the instance to modify the maintainer collaboration permission of a pull request without proper authorization. By ...

8.8

CVE-2020-10519

  • EPSS 1.9%
  • Veröffentlicht 03.03.2021 04:15:12
  • Zuletzt bearbeitet 21.11.2024 04:55:31

A remote code execution vulnerability was identified in GitHub Enterprise Server that could be exploited when building a GitHub Pages site. User-controlled configuration of the underlying parsers used by GitHub Pages were not sufficiently restricted ...

4.3

CVE-2020-10517

  • EPSS 0.21%
  • Veröffentlicht 27.08.2020 22:15:09
  • Zuletzt bearbeitet 21.11.2024 04:55:31

An improper access control vulnerability was identified in GitHub Enterprise Server that allowed authenticated users of the instance to determine the names of unauthorized private repositories given their numerical IDs. This vulnerability did not all...

8.8

CVE-2020-10518

  • EPSS 3.15%
  • Veröffentlicht 27.08.2020 22:15:09
  • Zuletzt bearbeitet 21.11.2024 04:55:31

A remote code execution vulnerability was identified in GitHub Enterprise Server that could be exploited when building a GitHub Pages site. User-controlled configuration of the underlying parsers used by GitHub Pages were not sufficiently restricted ...

9.8

CVE-2020-10516

  • EPSS 0.38%
  • Veröffentlicht 03.06.2020 14:15:12
  • Zuletzt bearbeitet 21.11.2024 04:55:31

An improper access control vulnerability was identified in the GitHub Enterprise Server API that allowed an organization member to escalate permissions and gain access to unauthorized repositories within an organization. This vulnerability affected a...

9.8

CVE-2017-18365

Exploit
  • EPSS 66%
  • Veröffentlicht 28.03.2019 06:29:00
  • Zuletzt bearbeitet 21.11.2024 03:19:56

The Management Console in GitHub Enterprise 2.8.x before 2.8.7 has a deserialization issue that allows unauthenticated remote attackers to execute arbitrary code. This occurs because the enterprise session secret is always the same, and can be found ...

7.5

CVE-2012-2055

  • EPSS 1.07%
  • Veröffentlicht 05.04.2012 14:55:06
  • Zuletzt bearbeitet 11.04.2025 00:51:21

GitHub Enterprise before 20120304 does not properly restrict the use of a hash to provide values for a model's attributes, which allows remote attackers to set the public_key[user_id] value via a modified URL for the public-key update form, related t...