Information disclosure vulnerability in GitHub Enterprise Server allows unauthorized addition of private repositories to a GitHub Actions runner group, exposing repository names in the UI. Exploitation requires instance access, permissions to modify runner groups, and guessing repository IDs.
Title | Published | Views | Family |
---|---|---|---|
CVE-2022-46257 Information disclosure in GitHub Enterprise Server leading to unauthorized viewing of private repository names | 7 Mar 2023 00:00 | – | cvelist |
CVE-2022-46257 Information disclosure in GitHub Enterprise Server leading to unauthorized viewing of private repository names | 7 Mar 2023 00:00 | – | vulnrichment |
CVE-2022-46257 | 7 Mar 2023 17:15 | – | nvd |
Information disclosure | 7 Mar 2023 17:15 | – | prion |
```json
[
  {
    "vendor": "GitHub",
    "product": "GitHub Enterprise Server",
    "versions": [
      {
        "version": "3.3",
        "status": "affected",
        "lessThan": "3.3.17",
        "versionType": "custom"
      },
      {
        "version": "3.4",
        "status": "affected",
        "lessThan": "3.4.12",
        "versionType": "custom"
      },
      {
        "version": "3.5",
        "status": "affected",
        "lessThan": "3.5.9",
        "versionType": "custom"
      },
      {
        "version": "3.6",
        "status": "affected",
        "lessThan": "3.6.5",
        "versionType": "custom"
      }
    ]
  }
]
```