17 matches found
CVE-2025-3509
CVE-2025-3509 affects GitHub Enterprise Server prior to 3.18 and is a Remote Code Execution in the pre-receive hook. The root cause involves using dynamically allocated ports that become temporarily available during specific operational conditions (e.g., hot patch upgrades), creating an exploitab...
CVE-2023-6847
Summary: CVE-2023-6847 is an improper authentication vulnerability in GitHub Enterprise Server that allows bypassing Private Mode via a specially crafted API request. This could enable access to data restricted by Private Mode. Affected versions are GitHub Enterprise Server 3.9 and later up to 3....
CVE-2024-3470
GitHub Enterprise Server suffers an Improper Privilege Management flaw that lets a repository deploy key bypass an organization’s ruleset when an attacker has a valid deploy key and repository administrator access. Affected versions are 3.11–3.12; remediation is to upgrade to 3.11.8 or 3.12.2. In...
CVE-2023-23761
GitHub Enterprise Server faces an improper authentication vulnerability that could let an unauthorized actor modify other users’ secret gists by authenticating through an SSH certificate authority, provided the secret gist URL is known. Affected all versions before 3.9; fixes were released in 3.4...
CVE-2022-23741
Summary : CVE-2022-23741 affects GitHub Enterprise Server. An incorrect authorization vulnerability allowed a scoped user-to-server token to escalate to full admin/owner privileges, requiring an admin to install a malicious GitHub App. The issue was fixed in versions 3.3.17, 3.4.12, 3.5.9, and 3....
CVE-2024-5746
CVE-2024-5746 describes a Server-Side Request Forgery in GitHub Enterprise Server that allowed an authenticated Site Administrator to achieve arbitrary code execution on the instance. Affected versions were all before 3.13, with fixes in 3.12.5, 3.11.11, 3.10.13, and 3.9.16. Public references fro...
CVE-2024-5795
CVE-2024-5795 is a Denial of Service vulnerability in GitHub Enterprise Server causing unbounded resource exhaustion when a large payload is sent to the Git server. Affected: all versions prior to 3.14. Impact: potential unavailability due to resource exhaustion. Remediation: upgrade to one of th...
CVE-2024-10001
GitHub Enterprise Server is affected by CVE-2024-10001. The vulnerability arises from an improper sequence of validation in the message handling function: the origin check occurs after accepting a user-controlled identity property, enabling a code injection via the query selector and exfiltration...
CVE-2023-6802
CVE-2023-6802 describes an information-in-logs vulnerability in GitHub Enterprise Server where sensitive data could be inserted into the audit log, potentially allowing access to the management console. Affected product: GitHub Enterprise Server (all versions since 3.8). Root cause: insertion of ...
CVE-2023-46649
CVE-2023-46649 describes a race condition in GitHub Enterprise Server that could allow an attacker with admin privileges to gain further access during the conversion of a user to an organization. The issue affects all GitHub Enterprise Server versions from 3.7 onward and could be exploited to obt...
CVE-2023-23764
CVE-2023-23764 affects GitHub Enterprise Server (versions 3.7.0 and later) with an incorrect comparison in the PR UI that could enable commit smuggling by displaying an incorrect diff. Exploitation requires write access to the target repository. Affected versions were fixed in 3.7.9, 3.8.2, and 3...
CVE-2026-8606
A Server-Side Request Forgery (SSRF) in GitHub Enterprise Server was exposed via the security advisories package lookup endpoint, allowing an attacker to issue HTTP requests to internal services. By directing requests to an internal management service and measuring response timing, an attacker co...
CVE-2024-1482
CVE-2024-1482 describes an incorrect authorization flaw in GitHub Enterprise Server that could let an attacker with access to the server create new branches in public repositories and run arbitrary GitHub Actions workflows using the GITHUB_TOKEN. Affected versions: all after 3.8 and before 3.12. ...
CVE-2025-8447
CVE-2025-8447 : GitHub Enterprise Server had an improper access-control issue enabling users with access to one repo to retrieve limited code from another repo by stacking a diff between repositories. An attacker needed the private-repo name and a branch/tag/commit SHA to trigger the compare/diff...
CVE-2026-1999
CVE-2026-1999 affects GitHub Enterprise Server and is an incorrect authorization vulnerability in the enable_auto_merge mutation for pull requests. An attacker could merge their own PR into a repository without push access under specific conditions: the repository must allow forking, a clean PR s...
CVE-2025-11578
CVE-2025-11578 is a privilege-escalation vulnerability in GitHub Enterprise Server. An authenticated Enterprise admin could abuse a symlink escape in pre-receive hook environments to replace system binaries during hook cleanup and inject their SSH key into root’s authorized_keys, enabling root SS...
CVE-2026-2266
CVE-2026-2266 : In GitHub Enterprise Server, there is a DOM-based cross-site scripting vulnerability caused by improper neutralization of input in the task list content rendering. Authenticated users can craft malicious task list items in issues or pull requests to inject user-supplied HTML and e...