Github

Enterprise Server

90 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2022-23732

  • EPSS 0.51%
  • Veröffentlicht 05.04.2022 00:15:17
  • Zuletzt bearbeitet 21.11.2024 06:49:12

A path traversal vulnerability was identified in GitHub Enterprise Server management console that allowed the bypass of CSRF protections. This could potentially lead to privilege escalation. To exploit this vulnerability, an attacker would need to ta...

8.8

CVE-2021-41599

  • EPSS 2.5%
  • Veröffentlicht 18.02.2022 00:15:07
  • Zuletzt bearbeitet 21.11.2024 06:26:30

A remote code execution vulnerability was identified in GitHub Enterprise Server that could be exploited when building a GitHub Pages site. To exploit this vulnerability, an attacker would need permission to create and build a GitHub Pages site on th...

8.8

CVE-2021-41598

  • EPSS 0.27%
  • Veröffentlicht 25.01.2022 20:15:08
  • Zuletzt bearbeitet 21.11.2024 06:26:30

A UI misrepresentation vulnerability was identified in GitHub Enterprise Server that allowed more permissions to be granted during a GitHub App's user-authorization web flow than was displayed to the user during approval. To exploit this vulnerabilit...

6.5

CVE-2021-22870

  • EPSS 0.46%
  • Veröffentlicht 10.11.2021 02:15:06
  • Zuletzt bearbeitet 21.11.2024 05:50:48

A path traversal vulnerability was identified in GitHub Pages builds on GitHub Enterprise Server that could allow an attacker to read system files. To exploit this vulnerability, an attacker would need permission to create and build a GitHub Pages si...

9.8

CVE-2021-22869

  • EPSS 0.4%
  • Veröffentlicht 24.09.2021 18:15:07
  • Zuletzt bearbeitet 21.11.2024 05:50:48

An improper access control vulnerability in GitHub Enterprise Server allowed a workflow job to execute in a self-hosted runner group it should not have had access to. This affects customers using self-hosted runner groups for access control. A reposi...

4.3

CVE-2021-22868

  • EPSS 0.28%
  • Veröffentlicht 24.09.2021 18:15:07
  • Zuletzt bearbeitet 21.11.2024 05:50:47

A path traversal vulnerability was identified in GitHub Enterprise Server that could be exploited when building a GitHub Pages site. User-controlled configuration options used by GitHub Pages were not sufficiently restricted and made it possible to r...

6.5

CVE-2021-22867

  • EPSS 0.46%
  • Veröffentlicht 14.07.2021 21:15:08
  • Zuletzt bearbeitet 21.11.2024 05:50:47

A path traversal vulnerability was identified in GitHub Enterprise Server that could be exploited when building a GitHub Pages site. User-controlled configuration options used by GitHub Pages were not sufficiently restricted and made it possible to r...

8.8

CVE-2021-22866

  • EPSS 0.2%
  • Veröffentlicht 14.05.2021 21:15:07
  • Zuletzt bearbeitet 21.11.2024 05:50:47

A UI misrepresentation vulnerability was identified in GitHub Enterprise Server that allowed more permissions to be granted during a GitHub App's user-authorization web flow than was displayed to the user during approval. To exploit this vulnerabilit...

6.5

CVE-2021-22865

  • EPSS 0.23%
  • Veröffentlicht 02.04.2021 18:15:21
  • Zuletzt bearbeitet 21.11.2024 05:50:47

An improper access control vulnerability was identified in GitHub Enterprise Server that allowed access tokens generated from a GitHub App's web authentication flow to read private repository metadata via the REST API without having been granted the ...

8.8

CVE-2021-22864

  • EPSS 2.5%
  • Veröffentlicht 23.03.2021 22:15:12
  • Zuletzt bearbeitet 21.11.2024 05:50:47

A remote code execution vulnerability was identified in GitHub Enterprise Server that could be exploited when building a GitHub Pages site. User-controlled configuration options used by GitHub Pages were not sufficiently restricted and made it possib...