2 matches found
CVE-2024-1082 Path traversal vulnerability in GitHub Enterprise Server that allowed arbitrary file read with a specially crafted GitHub Pages artifact upload
A path traversal vulnerability was identified in GitHub Enterprise Server that allowed an attacker to gain unauthorized read permission to files by deploying arbitrary symbolic links to a GitHub Pages site with a specially crafted artifact tarball. To exploit this vulnerability, an attacker would...
CVE-2024-1082
Summary: CVE-2024-1082 describes a path traversal in GitHub Enterprise Server that allows an attacker with page-site build permissions to read files via symbolic links in a crafted artifact tarball uploaded to GitHub Pages. Affected product/versions: GitHub Enterprise Server prior to 3.12. Fixed ...