Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:19 p.m.11 views

CVE-2026-5921

A server-side request forgery SSRF vulnerability was identified in GitHub Enterprise Server that allowed an attacker to extract sensitive environment variables from the instance through a timing side-channel attack against the notebook rendering service. When private mode was disabled, the notebo...

9.5CVSS5.4AI score0.00328EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/22 12:31 a.m.7 views

EUVD-2026-24554

A server-side request forgery SSRF vulnerability was identified in GitHub Enterprise Server that allowed an attacker to extract sensitive environment variables from the instance through a timing side-channel attack against the notebook rendering service. When private mode was disabled, the notebo...

9.5CVSS5.8AI score0.00328EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/04/21 10:11 p.m.31 views

CVE-2026-5921 Server-Side Request Forgery in GitHub Enterprise Server allowed extraction of sensitive environment variables via timing side-channel attack

A server-side request forgery SSRF vulnerability was identified in GitHub Enterprise Server that allowed an attacker to extract sensitive environment variables from the instance through a timing side-channel attack against the notebook rendering service. When private mode was disabled, the notebo...

9.5CVSS0.00328EPSS
Exploits0References7
CVE
CVE
added 2026/04/21 10:11 p.m.22 views

CVE-2026-5921

CVE-2026-5921 describes a server-side request forgery (SSRF) in GitHub Enterprise Server. The notebook rendering service can be reached via an open redirect chain when private mode is disabled, allowing an unauthenticated SSRF to internal services. A timing side-channel across a regex-filtered in...

9.5CVSS5.8AI score0.00328EPSS
Exploits0References7Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/21 10:11 p.m.9 views

CVE-2026-5921

A server-side request forgery SSRF vulnerability was identified in GitHub Enterprise Server that allowed an attacker to extract sensitive environment variables from the instance through a timing side-channel attack against the notebook rendering service. When private mode was disabled, the notebo...

9.5CVSS5.8AI score0.00328EPSS
Exploits0References8Affected Software1
Rows per page
Query Builder