3 matches found
GitHub Patches Critical Flaw in Enterprise Server Allowing Unauthorized Instance Access
GitHub has released security updates for Enterprise Server GHES to address multiple issues, including a critical bug that could allow unauthorized access to an instance. The vulnerability, tracked as CVE-2024-9487, carries a CVS score of 9.5 out of a maximum of 10.0 "An attacker could bypass SAML...
GitHub Enterprise 3.10.x < 3.10.16 / 3.11.x < 3.11.14 / 3.12.x < 3.12.8 / 3.13.x < 3.13.3 (ghsa_5wm9_5344_qrrj)
The version of GitHub Enterprise installed on the remote host is prior to 3.10.16, 3.11.14, 3.12.8, or 3.13.3. It is, therefore, affected by a vulnerability as referenced in the ghsa5wm95344qrrj advisory. - An XML signature wrapping vulnerability was present in GitHub Enterprise Server GHES when...
GitHub Patches Critical Security Flaw in Enterprise Server Granting Admin Privileges
GitHub has released fixes to address a set of three security flaws impacting its Enterprise Server product, including one critical bug that could be abused to gain site administrator privileges. The most severe of the shortcomings has been assigned the CVE identifier CVE-2024-6800, and carries a...