3 matches found
CVE-2024-1482
creationtimestamp| type| source ---|---|--- 2024-02-14 21:21:49+00:00| seen| https://t.me/ctinow/185028...
CVE-2024-1482 Improper Authorization in GitHub Enterprise Server allowed unauthorized workflow execution
An incorrect authorization vulnerability was identified in GitHub Enterprise Server that allowed an attacker to create new branches in public repositories and run arbitrary GitHub Actions workflows with permissions from the GITHUBTOKEN. To exploit this vulnerability, an attacker would need access...
CVE-2024-1482
CVE-2024-1482 describes an incorrect authorization flaw in GitHub Enterprise Server that could let an attacker with access to the server create new branches in public repositories and run arbitrary GitHub Actions workflows using the GITHUB_TOKEN. Affected versions: all after 3.8 and before 3.12. ...