PT-2023-31799 · Github · Github Enterprise Server

Name of the Vulnerable Software and Affected Versions: GitHub Enterprise Server versions 3.7 through 3.17.18 GitHub Enterprise Server versions 3.8 through 3.8.11 GitHub Enterprise Server versions 3.9 through 3.9.6 GitHub Enterprise Server versions 3.10 through 3.10.3 GitHub Enterprise Server...

GitHub Enterprise Server Security Vulnerability

GitHub Enterprise Server is a U.S. GitHub open source application. Provides a platform for setting up your own GitHub instance as a virtual appliance, thus providing a scalable, easy-to-manage platform. A security vulnerability exists in GitHub Enterprise Server versions prior to 3.8.12, prior to...

The vulnerability in the corporate version of the GitHub Enterprise Server, related to the improper assignment of permissions for files, allows a violator to obtain the MySQL password.

The vulnerability in the corporate version of the GitHub Enterprise Server is related to the improper assignment of permissions for files. Exploiting this vulnerability could allow a hacker to obtain the MySQL password...

GitHub Enterprise Server Security Vulnerability

GitHub Enterprise Server is a U.S. GitHub open source application. It provides a platform for setting up your own GitHub instance as a virtual appliance, thus providing a scalable, easy-to-manage platform. A security vulnerability exists in GitHub Enterprise Server that stems from an incorrect...

PT-2023-6495 · Github · Github Enterprise Server

Name of the Vulnerable Software and Affected Versions: GitHub Enterprise Server affected versions not specified Description: The issue is related to incorrect permission assignment for files in the corporate version of GitHub Enterprise Server. This could allow an attacker to obtain the MySQL...

GitHub: RC Between GitHub's Repo Transfer REST API and updateTeamsRepository GraphQL Mutation Results in Covert and Persistent Admin Access Retention

A race condition was discovered in GitHub Enterprise Server that allowed an administrator to retain access permissions on repositories after transfer. This was possible by manipulating repository permissions through a GraphQL mutation during the transfer process. The vulnerability affected GitHub...

PT-2023-32777 · Github · Github Enterprise Server

Name of the Vulnerable Software and Affected Versions: GitHub Enterprise Server versions 3.8 through 3.8.11 GitHub Enterprise Server versions 3.9 through 3.9.6 GitHub Enterprise Server versions 3.10 through 3.10.3 GitHub Enterprise Server versions 3.11 through 3.11.0 Description: An insertion of...

CVE-2023-23766 Incorrect comparison vulnerability in GitHub Enterprise Server leading to commit smuggling

An incorrect comparison vulnerability was identified in GitHub Enterprise Server that allowed commit smuggling by displaying an incorrect diff in a re-opened Pull Request. To do so, an attacker would need write access to the repository. This vulnerability affected all versions of GitHub Enterpris...

PT-2023-19191 · Github · Github Enterprise Server

Name of the Vulnerable Software and Affected Versions: GitHub Enterprise Server versions prior to 3.6.17 GitHub Enterprise Server versions prior to 3.7.15 GitHub Enterprise Server versions prior to 3.8.8 GitHub Enterprise Server versions prior to 3.9.3 GitHub Enterprise Server versions prior to...

GitHub Enterprise Server Security Vulnerability

GitHub Enterprise Server is a U.S. GitHub open source application. It provides a platform for setting up your own GitHub instance as a virtual appliance, thus providing a scalable, easy-to-manage platform. A security vulnerability exists in GitHub Enterprise Server that stems from the discovery o...

CVE-2023-23763

An authorization/sensitive information disclosure vulnerability was identified in GitHub Enterprise Server that allowed a fork to retain read access to an upstream repository after its visibility was changed to private. This vulnerability affected all versions of GitHub Enterprise Server prior to...

CVE-2023-23763

An authorization/sensitive information disclosure vulnerability was identified in GitHub Enterprise Server that allowed a fork to retain read access to an upstream repository after its visibility was changed to private. This vulnerability affected all versions of GitHub Enterprise Server prior to...

Information disclosure

An authorization/sensitive information disclosure vulnerability was identified in GitHub Enterprise Server that allowed a fork to retain read access to an upstream repository after its visibility was changed to private. This vulnerability affected all versions of GitHub Enterprise Server prior to...

GitHub Enterprise Server Security Vulnerability

GitHub Enterprise Server is a U.S. GitHub open source application. Provides a platform for setting up your own GitHub instance as a virtual appliance, thus providing a scalable, easy-to-manage platform. A security vulnerability exists in GitHub Enterprise Server versions prior to 3.10.0, 3.9.4,...

PT-2023-19188 · Github · Github Enterprise Server

Name of the Vulnerable Software and Affected Versions: GitHub Enterprise Server versions prior to 3.10.0 Description: An authorization/sensitive information disclosure issue was identified in GitHub Enterprise Server, allowing a fork to retain read access to an upstream repository after its...

CVE-2023-23765

An incorrect comparison vulnerability was identified in GitHub Enterprise Server that allowed commit smuggling by displaying an incorrect diff in a re-opened Pull Request. To exploit this vulnerability, an attacker would need write access to the repository. This vulnerability was reported via the...

Design/Logic Flaw

An incorrect comparison vulnerability was identified in GitHub Enterprise Server that allowed commit smuggling by displaying an incorrect diff in a re-opened Pull Request. To exploit this vulnerability, an attacker would need write access to the repository. This vulnerability was reported via the...

PT-2023-19190 · Github · Github Enterprise Server

Name of the Vulnerable Software and Affected Versions: GitHub Enterprise Server affected versions not specified Description: An incorrect comparison issue was identified that allows commit smuggling by displaying an incorrect diff in a re-opened Pull Request. To exploit this, an attacker needs...

GitHub Enterprise Server 安全漏洞

GitHub Enterprise Server is a U.S. GitHub open source application. It provides a platform for setting up your own GitHub instance as a virtual appliance, thus providing a scalable, easy-to-manage platform. A security vulnerability exists in GitHub Enterprise Server that stems from allowing commit...

CVE-2023-23764

An incorrect comparison vulnerability was identified in GitHub Enterprise Server that allowed commit smuggling by displaying an incorrect diff within the GitHub pull request UI. To do so, an attacker would need write access to the repository. This vulnerability affected GitHub Enterprise Server...