Github

Enterprise Server

117 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.61%
  • Veröffentlicht 21.12.2023 21:15:13
  • Zuletzt bearbeitet 16.12.2024 19:07:10

An incorrect authorization vulnerability was identified in GitHub Enterprise Server that allowed issue comments to be updated with an improperly scoped token. This vulnerability did not allow unauthorized access to any repository content as it also r...

  • EPSS 0.47%
  • Veröffentlicht 21.12.2023 21:15:13
  • Zuletzt bearbeitet 16.12.2024 19:07:20

An incorrect authorization vulnerability was identified in GitHub Enterprise Server that allowed issue comments to be read with an improperly scoped token. This vulnerability affected all versions of GitHub Enterprise Server since 3.7 and was fixed i...

  • EPSS 0.74%
  • Veröffentlicht 21.12.2023 21:15:09
  • Zuletzt bearbeitet 21.11.2024 08:28:58

An insufficient entropy vulnerability was identified in GitHub Enterprise Server (GHES) that allowed an attacker to brute force a user invitation to the GHES Management Console. To exploit this vulnerability, an attacker would need knowledge that a u...

  • EPSS 0.17%
  • Veröffentlicht 21.12.2023 21:15:09
  • Zuletzt bearbeitet 21.11.2024 08:28:58

A race condition in GitHub Enterprise Server was identified that could allow an attacker administrator access. To exploit this, an organization needs to be converted from a user. This vulnerability affected all versions of GitHub Enterprise Server si...

  • EPSS 0.79%
  • Veröffentlicht 21.12.2023 21:15:08
  • Zuletzt bearbeitet 21.11.2024 08:28:57

A path traversal vulnerability was identified in GitHub Enterprise Server that allowed arbitrary file reading when building a GitHub Pages site. To exploit this vulnerability, an attacker would need permission to create and build a GitHub Pages site ...

  • EPSS 0.54%
  • Veröffentlicht 21.12.2023 21:15:08
  • Zuletzt bearbeitet 16.12.2024 19:07:42

Improper access control in all versions of GitHub Enterprise Server allows unauthorized users to view private repository names via the "Get a check run" API endpoint. This vulnerability did not allow unauthorized access to any repository content besi...

  • EPSS 0.64%
  • Veröffentlicht 21.12.2023 21:15:08
  • Zuletzt bearbeitet 21.11.2024 08:28:58

Improper privilege management in all versions of GitHub Enterprise Server allows users with authorized access to the management console with an editor role to escalate their privileges by making requests to the endpoint used for bootstrapping the ins...

  • EPSS 0.59%
  • Veröffentlicht 22.09.2023 15:15:10
  • Zuletzt bearbeitet 21.11.2024 07:46:47

An incorrect comparison vulnerability was identified in GitHub Enterprise Server that allowed commit smuggling by displaying an incorrect diff in a re-opened Pull Request. To do so, an attacker would need write access to the repository. This vulnerab...

  • EPSS 0.54%
  • Veröffentlicht 01.09.2023 15:15:07
  • Zuletzt bearbeitet 21.11.2024 07:46:47

An authorization/sensitive information disclosure vulnerability was identified in GitHub Enterprise Server that allowed a fork to retain read access to an upstream repository after its visibility was changed to private. This vulnerability affected al...

  • EPSS 0.49%
  • Veröffentlicht 30.08.2023 23:15:08
  • Zuletzt bearbeitet 21.11.2024 07:46:47

An incorrect comparison vulnerability was identified in GitHub Enterprise Server that allowed commit smuggling by displaying an incorrect diff in a re-opened Pull Request. To exploit this vulnerability, an attacker would need write access to the repo...