Incorrect authorization in GitHub Enterprise Server, allowing repository-scoped token to modify Action Workflow files without Workflow scope
Reporter | Title | Published | Views | Family All 3 |
---|---|---|---|---|
![]() | CVE-2022-46258 Incorrect Authorization in GitHub Enterprise Server leads to Action Workflow modifications without Workflow Scope | 9 Jan 202300:00 | – | cvelist |
![]() | CVE-2022-46258 | 9 Jan 202317:15 | – | nvd |
![]() | Authorization | 9 Jan 202317:15 | – | prion |
[
{
"vendor": "GitHub",
"product": "GitHub Enterprise Server",
"versions": [
{
"version": "3.3",
"status": "affected",
"lessThan": "3.3.16",
"versionType": "custom"
},
{
"version": "3.4",
"status": "affected",
"lessThan": "3.4.11",
"versionType": "custom"
},
{
"version": "3.5",
"status": "affected",
"lessThan": "3.5.8",
"versionType": "custom"
},
{
"version": "3.6",
"status": "affected",
"lessThan": "3.6.4",
"versionType": "custom"
}
]
}
]
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo