Github

Enterprise Server

90 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2023-23766

  • EPSS 0.11%
  • Veröffentlicht 22.09.2023 15:15:10
  • Zuletzt bearbeitet 21.11.2024 07:46:47

An incorrect comparison vulnerability was identified in GitHub Enterprise Server that allowed commit smuggling by displaying an incorrect diff in a re-opened Pull Request. To do so, an attacker would need write access to the repository. This vulnerab...

5.3

CVE-2023-23763

  • EPSS 0.11%
  • Veröffentlicht 01.09.2023 15:15:07
  • Zuletzt bearbeitet 21.11.2024 07:46:47

An authorization/sensitive information disclosure vulnerability was identified in GitHub Enterprise Server that allowed a fork to retain read access to an upstream repository after its visibility was changed to private. This vulnerability affected al...

6.5

CVE-2023-23765

  • EPSS 0.08%
  • Veröffentlicht 30.08.2023 23:15:08
  • Zuletzt bearbeitet 21.11.2024 07:46:47

An incorrect comparison vulnerability was identified in GitHub Enterprise Server that allowed commit smuggling by displaying an incorrect diff in a re-opened Pull Request. To exploit this vulnerability, an attacker would need write access to the repo...

7.1

CVE-2023-23764

  • EPSS 0.15%
  • Veröffentlicht 27.07.2023 21:15:10
  • Zuletzt bearbeitet 21.11.2024 07:46:47

An incorrect comparison vulnerability was identified in GitHub Enterprise Server that allowed commit smuggling by displaying an incorrect diff within the GitHub pull request UI. To do so, an attacker would need write access to the repository. This vu...

5.3

CVE-2023-23762

  • EPSS 0.13%
  • Veröffentlicht 07.04.2023 19:15:07
  • Zuletzt bearbeitet 21.11.2024 07:46:47

An incorrect comparison vulnerability was identified in GitHub Enterprise Server that allowed commit smuggling by displaying an incorrect diff. To do so, an attacker would need write access to the repository and be able to correctly guess the target ...

5.3

CVE-2023-23761

  • EPSS 0.07%
  • Veröffentlicht 07.04.2023 19:15:06
  • Zuletzt bearbeitet 21.11.2024 07:46:46

An improper authentication vulnerability was identified in GitHub Enterprise Server that allowed an unauthorized actor to modify other users' secret gists by authenticating through an SSH certificate authority. To do so, a user had to know the secret...

8.8

CVE-2023-23760

  • EPSS 0.43%
  • Veröffentlicht 08.03.2023 19:15:10
  • Zuletzt bearbeitet 21.11.2024 07:46:46

A path traversal vulnerability was identified in GitHub Enterprise Server that allowed remote code execution when building a GitHub Pages site. To exploit this vulnerability, an attacker would need permission to create and build a GitHub Pages site o...

4.3

CVE-2022-46257

  • EPSS 0.05%
  • Veröffentlicht 07.03.2023 17:15:12
  • Zuletzt bearbeitet 21.11.2024 07:30:17

An information disclosure vulnerability was identified in GitHub Enterprise Server that allowed private repositories to be added to a GitHub Actions runner group via the API by a user who did not have access to those repositories, resulting in the re...

8.8

CVE-2023-22381

  • EPSS 0.12%
  • Veröffentlicht 02.03.2023 21:15:10
  • Zuletzt bearbeitet 21.11.2024 07:44:40

A code injection vulnerability was identified in GitHub Enterprise Server that allowed setting arbitrary environment variables from a single environment variable value in GitHub Actions when using a Windows based runner. To exploit this vulnerability...

6.5

CVE-2023-22380

  • EPSS 0.1%
  • Veröffentlicht 16.02.2023 21:15:14
  • Zuletzt bearbeitet 19.03.2025 16:15:17

A path traversal vulnerability was identified in GitHub Enterprise Server that allowed arbitrary file reading when building a GitHub Pages site. To exploit this vulnerability, an attacker would need permission to create and build a GitHub Pages site ...